Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mcafee vulnerabilities and exploits

(subscribe to this query)

5.4
CVSSv2
CVE-2008-1357
Format string vulnerability in the logDetail function of applib.dll in McAfee Common Management Agent (CMA) 3.6.0.574 (Patch 3) and earlier, as used in ePolicy Orchestrator 4.0.0 build 1015, allows remote attackers to cause a denial of service (crash) or execute arbitrary code...
Mcafee Agent 4.0Mcafee Cma 3.0.6.453Mcafee Cma 3.5.5.438Mcafee Cma 3.6.438Mcafee Cma 3.6.453Mcafee Cma 3.6.546Mcafee Cma 3.6.574Mcafee Epolicy Orchestrator 4.0Mcafee Mcafee Framework 3.6.569
9.3
CVSSv2
CVE-2015-8024
McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) 9.3.x before 9.3.2MR19, 9.4.x before 9.4.2MR9, and 9.5.x before 9.5.0MR8, when configured to use Active Directory or LDAP authentication...
Mcafee Mcafee Enterprise Security Manager 9.3.0Mcafee Mcafee Enterprise Security Manager 9.3.1Mcafee Mcafee Enterprise Security Manager 9.3.2Mcafee Mcafee Enterprise Security Manager 9.4.0Mcafee Mcafee Enterprise Security Manager 9.4.1Mcafee Mcafee Enterprise Security Manager 9.4.2Mcafee Mcafee Enterprise Security Manager 9.5.0
9.3
CVSSv2
CVE-2012-4598
An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via a crafted web site....
Mcafee Mcafee Virtual TechnicianMcafee Epo Mcafee Virtual Technician 1.0Mcafee Epo Mcafee Virtual Technician 1.0.4.0Mcafee Epo Mcafee Virtual Technician
4.3
CVSSv2
CVE-2013-0141
Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to upload arbitrary files via a crafted request over the Agent-Server communication channel, as demonstrated by writing to the Software/ directory....
Mcafee Epolicy Orchestrator 2.0Mcafee Epolicy Orchestrator 2.5Mcafee Epolicy Orchestrator 2.5.1Mcafee Epolicy Orchestrator 3.0Mcafee Epolicy Orchestrator 3.5.0Mcafee Epolicy Orchestrator 3.6.0Mcafee Epolicy Orchestrator 3.6.1Mcafee Epolicy Orchestrator 4.0Mcafee Epolicy Orchestrator 4.5.0Mcafee Epolicy Orchestrator 4.5.3Mcafee Epolicy Orchestrator 4.5.4Mcafee Epolicy Orchestrator 4.5.5Mcafee Epolicy OrchestratorMcafee Epolicy Orchestrator 4.6.0Mcafee Epolicy Orchestrator 4.6.1Mcafee Epolicy Orchestrator 4.6.2Mcafee Epolicy Orchestrator 4.6.3Mcafee Epolicy Orchestrator 4.6.4Mcafee Epolicy Orchestrator 4.6.5
7.9
CVSSv2
CVE-2013-0140
SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a crafted request over the Agent-Server communication channel....
Mcafee Epolicy Orchestrator 2.0Mcafee Epolicy Orchestrator 2.5Mcafee Epolicy Orchestrator 2.5.1Mcafee Epolicy Orchestrator 3.0Mcafee Epolicy Orchestrator 3.5.0Mcafee Epolicy Orchestrator 3.6.0Mcafee Epolicy Orchestrator 3.6.1Mcafee Epolicy Orchestrator 4.0Mcafee Epolicy Orchestrator 4.5.0Mcafee Epolicy Orchestrator 4.5.3Mcafee Epolicy Orchestrator 4.5.4Mcafee Epolicy Orchestrator 4.5.5Mcafee Epolicy OrchestratorMcafee Epolicy Orchestrator 4.6.0Mcafee Epolicy Orchestrator 4.6.1Mcafee Epolicy Orchestrator 4.6.2Mcafee Epolicy Orchestrator 4.6.3Mcafee Epolicy Orchestrator 4.6.4Mcafee Epolicy Orchestrator 4.6.5
2.6
CVSSv2
CVE-2010-5143
McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module....
Mcafee Virusscan Enterprise 8.0iMcafee Virusscan Enterprise 8.5iMcafee Virusscan Enterprise 8.6.0Mcafee Virusscan EnterpriseMcafee Virusscan Enterprise 8.7.00003Mcafee Virusscan Enterprise 8.7.00004Mcafee Virusscan Enterprise 8.7i
4.6
CVSSv2
CVE-2016-8009
Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call....
Mcafee Application Control 6.0.0Mcafee Application Control 6.1.0Mcafee Application Control 6.1.1Mcafee Application Control 6.1.2Mcafee Application Control 6.1.3Mcafee Application Control 6.2.0Mcafee Application Control 7.0.0
4.6
CVSSv2
CVE-2020-7274
Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by...
Mcafee Endpoint Security 10.5.0Mcafee Endpoint Security 10.5.1Mcafee Endpoint Security 10.5.2Mcafee Endpoint Security 10.5.3Mcafee Endpoint Security 10.5.4Mcafee Endpoint Security 10.5.5Mcafee Endpoint Security 10.6.0
4.3
CVSSv2
CVE-2017-3896
Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated....
Mcafee Mcafee Agent 5.0.0Mcafee Mcafee Agent 5.0.1Mcafee Mcafee Agent 5.0.2Mcafee Mcafee Agent 5.0.3Mcafee Mcafee Agent 5.0.4
8.2
CVSSv2
CVE-2012-5879
An ActiveX control in McHealthCheck.dll in McAfee Virtual Technician (MVT) and ePO-MVT 6.5.0.2101 and earlier allows remote attackers to modify or create arbitrary files via a full pathname argument to the Save method....
Mcafee Mcafee Virtual Technician 6.3.0.1911Mcafee Mcafee Virtual TechnicianMcafee Epo Mcafee Virtual Technician 1.0Mcafee Epo Mcafee Virtual Technician 1.0.4.0Mcafee Epo Mcafee Virtual Technician 1.0.7Mcafee Epo Mcafee Virtual Technician 1.0.8Mcafee Epo Mcafee Virtual Technician 1.0.9Mcafee Epo Mcafee Virtual Technician
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-24686CVE-2021-21298CVE-2021-69420server-side request forgeryCVE-2021-23957microsoftSSTI.netSQLCVE-2021-21273CVE-2021-25281