Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-3660
Improper Neutralization of HTTP requests in McAfee Advanced Threat Defense (ATD) before 4.8 allows remote authenticated malicious user to execute commands on the server remotely via carefully constructed HTTP requests.
Mcafee Advanced Threat Defense
8.8
CVSSv3
CVE-2019-3632
Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) before 11.2.0 and before 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input.
Mcafee Enterprise Security Manager
8.8
CVSSv3
CVE-2019-3628
Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x before 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control.
Mcafee Enterprise Security Manager
8.8
CVSSv3
CVE-2019-3604
Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows unauthenticated users to perform unintended ePO actions using an authenticated user's session via unspecified vectors.
Mcafee Epolicy Orchestrator
8.8
CVSSv3
CVE-2017-3960
Exploitation of Authorization vulnerability in the web interface in McAfee Network Security Management (NSM) prior to 8.2.7.42.2 allows authenticated users to gain elevated privileges via a crafted HTTP request parameter.
Mcafee Network Security Manager
8.8
CVSSv3
CVE-2018-6664
Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint prior to 10.0.500 and DLP Endpoint prior to 11.0.400 allows authenticated users to bypass the product block action via a command-line utility.
Mcafee Data Loss Prevention Endpoint
8.8
CVSSv3
CVE-2017-3965
Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability in the web interface in McAfee Network Security Management (NSM) prior to 8.2.7.42.2 allows remote malicious users to perform unauthorized tasks such as retrieving internal system information or manipulating the...
Mcafee Network Security Manager
8.8
CVSSv3
CVE-2017-4054
Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to execute a command of their choice via a crafted HTTP request parameter.
Mcafee Advanced Threat Defense 3.10
Mcafee Advanced Threat Defense 3.8
Mcafee Advanced Threat Defense 3.6
Mcafee Advanced Threat Defense 3.4
8.8
CVSSv3
CVE-2017-4057
Privilege Escalation vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to gain elevated privileges via the GUI or GUI terminal commands.
Mcafee Advanced Threat Defense 3.8
Mcafee Advanced Threat Defense 3.6
Mcafee Advanced Threat Defense 3.4
Mcafee Advanced Threat Defense 3.10
8.8
CVSSv3
CVE-2016-8008
Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus (SSP) 3.11.376 allows malicious users to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system.
Mcafee Security Scan Plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »