mcafee

602 tracked vulnerabilities.

CVE-2024-25254 CRITICAL
McAfee SuperScan 4.1 - Buffer Overflow via Hostname/IP Parameter
Nov 11, 2024
CVSS 9.8
EPSS 0.00
CVE-2023-5445 MEDIUM
McAfee ePolicy Orchestrator < 5.10.0 - Authenticated Open Redirect via Dashboard URL Parameter
Nov 17, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-5444 HIGH
McAfee ePolicy Orchestrator < 5.10.0 - Cross-Site Request Forgery in Dashboard User Addition
Nov 17, 2023
CVSS 8.0
EPSS 0.00
CVE-2023-40352 HIGH
McAfee Safe Connect < 2.16.1.126 - DLL Hijacking via Uncontrolled Search Path
Aug 21, 2023
CVSS 7.2
EPSS 0.00
CVE-2023-3946 MEDIUM
McAfee ePolicy Orchestrator < 5.10.0 - Unauthenticated Reflected Cross-Site Scripting
Jul 26, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-25134 MEDIUM
McAfee Total Protection <16.0.50 - Code Injection
Mar 21, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-0978 MEDIUM
Mcafee Advanced Threat Defense < 4.14.2 - Command Injection
Mar 13, 2023
CVSS 6.4
EPSS 0.00
CVE-2023-24579 MEDIUM
McAfee Total Protection <16.0.51 - Info Disclosure
Mar 13, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-24578 MEDIUM
McAfee Total Protection <16.0.49 - Privilege Escalation
Mar 13, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-24577 MEDIUM
McAfee Total Protection <16.0.50 - Privilege Escalation
Mar 13, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-0221 MEDIUM
McAfee Application and Change Control < 8.3.4 - Authenticated Security Bypass via utilman Program
Jan 13, 2023
CVSS 4.4
EPSS 0.00
CVE-2022-43751 HIGH
McAfee Total Protection <16.0.49 - Code Injection
Nov 23, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-2188 MEDIUM
DXL Broker <6.0.0.280 - Privilege Escalation
Nov 07, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-3339 MEDIUM
McAfee ePolicy Orchestrator < 5.10.0 - Unauthenticated Reflected Cross-Site Scripting
Oct 18, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-3338 MEDIUM
Trellix ePolicy Orchestrator <5.10 Update 14 - XXE to Server-Side Request Forgery
Oct 18, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-2330 MEDIUM
DLP Endpoint for Windows <11.9.100 - SSRF
Aug 30, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-37025 HIGH
McAfee Security Scan Plus < 4.1.262.1 - Privilege Escalation via Configuration File Tampering
Aug 18, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-2313 HIGH
MA Smart Installer <5.7.7 - Code Injection
Jul 27, 2022
CVSS 8.2
EPSS 0.00
CVE-2022-1824 HIGH
McAfee Consumer Product Removal Tool < 10.4.128 - Uncontrolled Search Path Element via Sideloading Attack
Jun 20, 2022
CVSS 7.9
EPSS 0.00
CVE-2022-1823 HIGH
McAfee Consumer Product Removal Tool < 10.4.128 - Privilege Escalation via Configuration File Tampering
Jun 20, 2022
CVSS 7.9
EPSS 0.00
CVE-2022-1254 MEDIUM
Mcafee Web Gateway < 7.8.2.31 - Open Redirect
Apr 20, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-1258 HIGH
McAfee Agent < 5.7.6 - Authenticated Blind SQL Injection via ePO Extension
Apr 14, 2022
CVSS 8.4
EPSS 0.00
CVE-2022-1257 MEDIUM
McAfee Agent < 5.7.6 - Insecure Storage of Sensitive Information in ma.db
Apr 14, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-1256 HIGH
McAfee Agent < 5.7.6 - Local Privilege Escalation via Symbolic Link Manipulation
Apr 14, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-0862 LOW
McAfee ePolicy Orchestrator < 5.10.0 - Unauthenticated Password Change via Deprecated API
Mar 23, 2022
CVSS 3.1
EPSS 0.00
Products
epolicy_orchestrator 86 web_gateway 41 endpoint_security 37 network_data_loss_prevention 31 virusscan_enterprise 29 advanced_threat_defense 26 data_loss_prevention_endpoint 26 total_protection 26 agent 25 email_gateway 20 network_security_manager 19 gateway 13 data_loss_prevention 12 scan_engine 12 email_and_web_security 10 mcafee_agent 10 virusscan 10 antivirus_engine 9 enterprise_security_manager 9 policy_auditor 9 database_security 8 true_key 8 Network Data Loss Prevention (NDLP) 7 active_response 7 application_control 7 security_scan_plus 7 threat_intelligence_exchange_server 7 application_and_change_control 6 e-business_server 6 enterprise_mobility_manager 6
Quick Filters
Critical CVEs With Exploits In CISA KEV