Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2021-31836
Improper privilege management vulnerability in maconfig for McAfee Agent for Windows before 5.7.4 allows a local user to gain access to sensitive information. The utility was able to be run from any location on the file system and by a low privileged user.
Mcafee Mcafee Agent
7.8
CVSSv3
CVE-2020-7312
DLL Search Order Hijacking Vulnerability in the installer in McAfee Agent (MA) for Windows before 5.6.6 allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder.
Mcafee Mcafee Agent
7.3
CVSSv3
CVE-2021-31841
A DLL sideloading vulnerability in McAfee Agent for Windows before 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the ability t...
Mcafee Mcafee Agent
7.3
CVSSv3
CVE-2021-31840
A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows before 5.7.3 could allow an authenticated, local malicious user to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need...
Mcafee Mcafee Agent
7
CVSSv3
CVE-2020-7311
Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows before 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files.
Mcafee Mcafee Agent
7.8
CVSSv3
CVE-2020-7314
Privilege Escalation Vulnerability in the installer in McAfee Data Exchange Layer (DXL) Client for Mac shipped with McAfee Agent (MA) for Mac prior to MA 5.6.6 allows local users to run commands as root via incorrectly applied permissions on temporary files.
Mcafee Mcafee Agent
5.4
CVSSv3
CVE-2017-3902
Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation.
Mcafee Epolicy Orchestrator 5.1.0
Mcafee Epolicy Orchestrator 5.1.2
Mcafee Epolicy Orchestrator 5.1.1
Mcafee Epolicy Orchestrator 5.1.3
NA
CVE-2006-5271
Integer underflow in McAfee ePolicy Orchestrator 3.5 up to and including 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and previous versions allows remote malicious users to execute arbitrary code via a crafted UDP packet, which causes stack co...
Mcafee E-business Server 3.6.1
Mcafee Protectionpilot 1.1.1
Mcafee Protectionpilot 1.5.0
Mcafee E-business Server 3.5
5.4
CVSSv3
CVE-2018-6659
Reflected Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows remote authenticated users to exploit an XSS issue via not sanitizing the user input.
Mcafee Epolicy Orchestrator 5.3.0
Mcafee Epolicy Orchestrator 5.3.1
Mcafee Epolicy Orchestrator 5.3.2
Mcafee Epolicy Orchestrator 5.9.0
4.9
CVSSv3
CVE-2018-6660
Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows administrators to use Windows alternate data streams, which could be used to bypass the file extensions, via not properly validating the path when exporting a particular XM...
Mcafee Epolicy Orchestrator 5.3.0
Mcafee Epolicy Orchestrator 5.3.1
Mcafee Epolicy Orchestrator 5.3.2
Mcafee Epolicy Orchestrator 5.9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »