Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / mcafee

mcafee

602 tracked vulnerabilities.

CVE-2022-0861 LOW

McAfee ePolicy Orchestrator < 5.10.0 - Authenticated XML External Entity Injection via Extension Import

CVE-2022-0859 MEDIUM

McAfee ePolicy Orchestrator < 5.10 Update 13 - Authenticated SQL Server Redirection via Server Restoration

CVE-2022-0858 MEDIUM

McAfee ePolicy Orchestrator < 5.10 Update 13 - Cross-Site Scripting

CVE-2022-0857 MEDIUM

McAfee ePolicy Orchestrator < 5.10 Update 13 - Reflected Cross-Site Scripting

CVE-2022-0842 MEDIUM

McAfee ePolicy Orchestrator < 5.10.0 - Authenticated Blind SQL Injection

CVE-2022-0815 MEDIUM

McAfee WebAdvisor < 8.1.0.1895 - Improper Access Control

CVE-2022-0166 HIGH

McAfee Agent <5.7.5 - Privilege Escalation

CVE-2022-0129 HIGH

McAfee TechCheck <4.0.0.2 - Privilege Escalation

CVE-2021-4088 HIGH

McAfee Data Loss Prevention 11.6.401 11.7.0-11.7.100 11.8.0-11.8.99 - Authenticated SQL Injection

CVE-2021-31854 HIGH

McAfee Agent < 5.7.5 - OS Command Injection via File Cleanup Execution

CVE-2021-31833 HIGH

McAfee Application and Change Control < 8.3.4 - Privilege Escalation via Binary Renaming

CVE-2021-4038 MEDIUM

McAfee Network Security Manager < 10.1.7.48 - Authenticated Stored Cross-Site Scripting via Custom Rule HTML Injection

CVE-2021-31850 MEDIUM

McAfee Database Security < 4.8.4 - Authenticated Denial of Service and Arbitrary File Write via Archiving Configuration

CVE-2021-31852 MEDIUM

McAfee Policy Auditor < 6.5.2 - Unauthenticated Reflected Cross-Site Scripting via UID Parameter

CVE-2021-31851 MEDIUM

McAfee Policy Auditor < 6.5.2 - Unauthenticated Reflected Cross-Site Scripting via profileNodeID Parameter

CVE-2021-31853 HIGH

McAfee Drive Encryption < 7.3.0 HF2 - DLL Search Order Hijacking

CVE-2021-31849 HIGH

McAfee Data Loss Prevention Endpoint 11.6.0-11.6.400 - Authenticated SQL Injection via User Management Section

CVE-2021-31848 HIGH

McAfee Data Loss Prevention Endpoint 11.6.0-11.6.400 - Stored Cross-Site Scripting in Case Management

CVE-2021-23877 MEDIUM

McAfee Total Protection < 16.0.34 - Privilege Escalation via Trial Installer Temporary File Replacement

CVE-2021-31835 MEDIUM

McAfee ePolicy Orchestrator < 5.10 Update 11 - Authenticated Stored Cross-Site Scripting

CVE-2021-31834 MEDIUM

McAfee ePolicy Orchestrator < 5.10.0 Update 11 - Stored Cross-Site Scripting via Administrator Input Parameters

CVE-2021-23893 HIGH

McAfee Drive Encryption < 7.3.0 - Privilege Escalation via Unutilized Memory Buffer

CVE-2021-31847 HIGH

McAfee Agent < 5.7.4 - DLL Preloading Privilege Escalation via Unprotected Repair Directory

CVE-2021-31841 HIGH

McAfee Agent < 5.7.4 - DLL Sideloading via Unsigned DLL

CVE-2021-31836 MEDIUM

McAfee Agent for Windows < 5.7.4 - Improper Privilege Management via maconfig Utility

Previous Page 2 of 25 Next

Products

epolicy_orchestrator 86 web_gateway 41 endpoint_security 37 network_data_loss_prevention 31 virusscan_enterprise 29 advanced_threat_defense 26 data_loss_prevention_endpoint 26 total_protection 26 agent 25 email_gateway 20 network_security_manager 19 gateway 13 data_loss_prevention 12 scan_engine 12 email_and_web_security 10 mcafee_agent 10 virusscan 10 antivirus_engine 9 enterprise_security_manager 9 policy_auditor 9 database_security 8 true_key 8 Network Data Loss Prevention (NDLP) 7 active_response 7 application_control 7 security_scan_plus 7 threat_intelligence_exchange_server 7 application_and_change_control 6 e-business_server 6 enterprise_mobility_manager 6

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy