Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee epolicy orchestrator vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2016-8027
SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and previous versions and 5.1.3 and previous versions allows malicious users to alter a SQL query, which can result in disclosure of information within the database or impersona...
Mcafee Epolicy Orchestrator
9.8
CVSSv3
CVE-2017-3907
Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and previous versions allows remote malicious users to execute arbitrary HTML code to be reflected in the response web page via unspecified vector.
Mcafee Mcafee Threat Intelligence Exchange 2.1.0
9.8
CVSSv3
CVE-2017-3936
OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, 5.3.1, 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows malicious users to run arbitrary OS commands with limited privileges via not sanitizing the user input data before exporting it into a CSV format out...
Mcafee Epolicy Orchestrator 5.1.0
Mcafee Epolicy Orchestrator 5.1.3
Mcafee Epolicy Orchestrator 5.1.1
Mcafee Epolicy Orchestrator 5.1.2
Mcafee Epolicy Orchestrator 5.3.1
Mcafee Epolicy Orchestrator 5.3.2
Mcafee Epolicy Orchestrator 5.9.0
8.8
CVSSv3
CVE-2019-3604
Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows unauthenticated users to perform unintended ePO actions using an authenticated user's session via unspecified vectors.
Mcafee Epolicy Orchestrator
8.3
CVSSv3
CVE-2015-8765
Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and previous versions, 5.0.x, 5.1.x prior to 5.1.3 Hotfix 1106041, and 5.3.x prior to 5.3.1 Hotfix 1106041 allow remote malicious users to execute arbitrary code via a crafted serialized Java object, related to the Apache Commons Coll...
Mcafee Epolicy Orchestrator
8.1
CVSSv3
CVE-2020-2604
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with...
Oracle Jre 1.8.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 11.0.5
Oracle Jdk 13.0.1
Oracle Graalvm 19.3.0.2
Oracle Commerce Guided Search 11.3.2
Oracle Commerce Experience Manager 11.3.2
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 7.7
Redhat Enterprise Linux Eus 8.1
Oracle Openjdk 8
Oracle Openjdk 7
Oracle Openjdk
8
CVSSv3
CVE-2023-5444
A Cross Site Request Forgery vulnerability in ePolicy Orchestrator before 5.10.0 CP1 Update 2 allows a remote low privilege user to successfully add a new user with administrator privileges to the ePO server. This impacts the dashboard area of the user interface. To exploit this...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
7.5
CVSSv3
CVE-2021-30639
A vulnerability in Apache Tomcat allows an malicious user to remotely trigger a denial of service. An error introduced as part of a change to improve error handling during non-blocking I/O meant that the error flag associated with the Request object was not reset between requests...
Apache Tomcat 10.0.4
Apache Tomcat 9.0.44
Apache Tomcat 10.0.3
Apache Tomcat 8.5.64
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
Oracle Big Data Spatial And Graph
7.5
CVSSv3
CVE-2021-23840
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be...
Openssl Openssl
Debian Debian Linux 10.0
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Oracle Business Intelligence 12.2.1.3.0
Oracle Jd Edwards World Security A9.4
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Enterprise Manager For Storage Management 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Graalvm 20.3.1.2
Oracle Graalvm 21.0.0.2
Oracle Graalvm 19.3.5
Oracle Mysql Server
Oracle Nosql Database
Oracle Jd Edwards Enterpriseone Tools
Oracle Business Intelligence 5.9.0.0.0
Oracle Communications Cloud Native Core Policy 1.15.0
1 Github repository
7.5
CVSSv3
CVE-2020-13935
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lea...
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Apache Tomcat
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Oncommand System Manager
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Workload Manager 18c
Oracle Workload Manager 19c
3 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »