← Back

Mcafee

mcafee

602 CVEs • 137 products

Products (137)

Click to collapse
Toggle
Epolicy Orchestrator
epolicy_orchestrator
86 CVEs
Web Gateway
web_gateway
41 CVEs
Endpoint Security
endpoint_security
37 CVEs
Network Data Loss Prevention
network_data_loss_prevention
31 CVEs
Virusscan Enterprise
virusscan_enterprise
29 CVEs
Total Protection
total_protection
26 CVEs
Data Loss Prevention Endpoint
data_loss_prevention_endpoint
26 CVEs
Advanced Threat Defense
advanced_threat_defense
26 CVEs
Agent
agent
25 CVEs
Email Gateway
email_gateway
20 CVEs
Network Security Manager
network_security_manager
19 CVEs
Gateway
gateway
13 CVEs
Scan Engine
scan_engine
12 CVEs
Data Loss Prevention
data_loss_prevention
12 CVEs
Virusscan
virusscan
10 CVEs
Email And Web Security
email_and_web_security
10 CVEs
Mcafee Agent
mcafee_agent
10 CVEs
Antivirus Engine
antivirus_engine
9 CVEs
Enterprise Security Manager
enterprise_security_manager
9 CVEs
Policy Auditor
policy_auditor
9 CVEs
True Key
true_key
8 CVEs
Database Security
database_security
8 CVEs
Application Control
application_control
7 CVEs
Active Response
active_response
7 CVEs
Security Scan Plus
security_scan_plus
7 CVEs
Threat Intelligence Exchange Server
threat_intelligence_exchange_server
7 CVEs
Protectionpilot
protectionpilot
6 CVEs
E Business Server
e-business_server
6 CVEs
Enterprise Mobility Manager
enterprise_mobility_manager
6 CVEs
Vulnerability Manager
vulnerability_manager
6 CVEs
Application And Change Control
application_and_change_control
6 CVEs
Mvision Endpoint
mvision_endpoint
6 CVEs
Internet Security Suite
internet_security_suite
5 CVEs
Common Management Agent
common_management_agent
5 CVEs
Data Exchange Layer
data_exchange_layer
5 CVEs
Mcafee Web Gateway
mcafee_web_gateway
4 CVEs
Intrushield Security Management System
intrushield_security_management_system
3 CVEs
Virex
virex
3 CVEs
Epolicy Orchestrator Agent
epolicy_orchestrator_agent
3 CVEs
Saas Endpoint Protection
saas_endpoint_protection
3 CVEs
Change Control
change_control
3 CVEs
File And Removable Media Protection
file_and_removable_media_protection
3 CVEs
Host Intrusion Prevention
host_intrusion_prevention
3 CVEs
Livesafe
livesafe
3 CVEs
Security Webadvisor
security_webadvisor
3 CVEs
Cloud Av
cloud_av
3 CVEs
Drive Encryption
drive_encryption
3 CVEs
Application Change Control
application_change_control
3 CVEs
Webadvisor
webadvisor
3 CVEs
Endpoint Detection And Response
endpoint_detection_and_response
3 CVEs
Webshield Smtp
webshield_smtp
2 CVEs
Personal Firewall Plus
personal_firewall_plus
2 CVEs
Security Center
security_center
2 CVEs
Cma
cma
2 CVEs
Smartfilter
smartfilter
2 CVEs
Intrushield Network Security Manager
intrushield_network_security_manager
2 CVEs
Enterprise Mobility Manager Agent
enterprise_mobility_manager_agent
2 CVEs
Mcafee Virtual Technician
mcafee_virtual_technician
2 CVEs
Epo Mcafee Virtual Technician
epo_mcafee_virtual_technician
2 CVEs
Superscan
superscan
2 CVEs
Cloud Single Sign On
cloud_single_sign_on
2 CVEs
Asset Manager
asset_manager
2 CVEs
Epo Deep Command
epo_deep_command
2 CVEs
Threat Intelligence Exchange
threat_intelligence_exchange
2 CVEs
File Lock
file_lock
2 CVEs
Anti Malware Scan Engine
anti-malware_scan_engine
2 CVEs
Anti Virus Plus
anti-virus_plus
2 CVEs
Internet Security
internet_security
2 CVEs
Endpoint Security For Linux Threat Prevention
endpoint_security_for_linux_threat_prevention
2 CVEs
Getsusp
getsusp
2 CVEs
Techcheck
techcheck
2 CVEs
Network Security Management
network_security_management
2 CVEs
Web Gateway Cloud Service
web_gateway_cloud_service
2 CVEs
Consumer Product Removal Tool
consumer_product_removal_tool
2 CVEs
Asap Virusscan
asap_virusscan
1 CVE
Remote Desktop 32
remote_desktop_32
1 CVE
Entercept Agent
entercept_agent
1 CVE
Freescan
freescan
1 CVE
Security Installer Control System
security_installer_control_system
1 CVE
Mcinsctl.dll
mcinsctl.dll
1 CVE
Virusscan Security Center
virusscan_security_center
1 CVE
Antispyware
antispyware
1 CVE
Privacy Service
privacy_service
1 CVE
Quickclean
quickclean
1 CVE
Spamkiller
spamkiller
1 CVE
Wireless Home Network Security
wireless_home_network_security
1 CVE
Network Agent
network_agent
1 CVE
Neotrace
neotrace
1 CVE
Visual Trace
visual_trace
1 CVE
Securitycenter Agent
securitycenter_agent
1 CVE
Mcafee Framework
mcafee_framework
1 CVE
Encrypted Usb Manager
encrypted_usb_manager
1 CVE
Active Virus Defense
active_virus_defense
1 CVE
Active Virusscan
active_virusscan
1 CVE
Securityshield For Email Servers
securityshield_for_email_servers
1 CVE
Securityshield For Microsoft Isa Server
securityshield_for_microsoft_isa_server
1 CVE
Securityshield For Microsoft Sharepoint
securityshield_for_microsoft_sharepoint
1 CVE
Total Protection For Endpoint
total_protection_for_endpoint
1 CVE
Virusscan Commandline
virusscan_commandline
1 CVE
Virusscan Plus
virusscan_plus
1 CVE

CVEs (602)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-7305
1Mcafee
1Data Loss Prevention
Nov 21, 2024
Aug 13, 2020
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows a low privileged remote attacker to create new rule sets via incorrect validation of user credentials.
CVE-2020-7304
1Mcafee
1Data Loss Prevention
Nov 21, 2024
Aug 13, 2020
N/A· v4
7.6 HIGH· v3
5.2 MEDIUM· v2
Cross site request forgery vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label.
CVE-2020-7303
1Mcafee
1Data Loss Prevention
Nov 21, 2024
Aug 13, 2020
N/A· v4
4.1 MEDIUM· v3
2.3 LOW· v2
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote user to trigger scripts to run in a user's browser via adding a new label.
CVE-2020-7302
1Mcafee
1Data Loss Prevention
Nov 21, 2024
Aug 13, 2020
N/A· v4
6.4 MEDIUM· v3
5.5 MEDIUM· v2
Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management section via lack of s...Show more
Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management section via lack of sanity checking.Show less
CVE-2020-7301
1Mcafee
1Data Loss Prevention
Nov 21, 2024
Aug 12, 2020
N/A· v4
4.6 MEDIUM· v3
3.5 LOW· v2
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to trigger alerts via the file upload tab in the DLP case management section.
CVE-2020-7300
1Mcafee
1Data Loss Prevention
Nov 21, 2024
Aug 12, 2020
N/A· v4
6.3 MEDIUM· v3
4.0 MEDIUM· v2
Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attackers to change the configuration when logged in with view only privileges via caref...Show more
Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attackers to change the configuration when logged in with view only privileges via carefully constructed HTTP post messages.Show less
CVE-2020-7298
1Mcafee
1Total Protection
Nov 21, 2024
Aug 5, 2020
N/A· v4
8.4 HIGH· v3
3.6 LOW· v2
Unexpected behavior violation in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to turn off real time scanning via a specially crafted object making a specific function call.
CVE-2020-14621
7Canonical
DebianFedoraproject+4 more
237 Mode Transition Tool
Active Iq Unified ManagerCloud Backup+20 more
May 27, 2025
Jul 15, 2020
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable v...Show more
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).Show less
CVE-2020-14581
7Canonical
DebianFedoraproject+4 more
217 Mode Transition Tool
Active Iq Unified ManagerCloud Backup+18 more
May 27, 2025
Jul 15, 2020
N/A· v4
3.7 LOW· v3
4.3 MEDIUM· v2
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerab...Show more
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).Show less
CVE-2020-14579
7Canonical
DebianFedoraproject+4 more
217 Mode Transition Tool
Active Iq Unified ManagerCloud Backup+18 more
May 27, 2025
Jul 15, 2020
N/A· v4
3.7 LOW· v3
4.3 MEDIUM· v2
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerabil...Show more
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).Show less
CVE-2020-14578
7Canonical
DebianFedoraproject+4 more
217 Mode Transition Tool
Active Iq Unified ManagerCloud Backup+18 more
May 27, 2025
Jul 15, 2020
N/A· v4
3.7 LOW· v3
4.3 MEDIUM· v2
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerabil...Show more
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).Show less
CVE-2020-7292
1Mcafee
1Web Gateway
Nov 21, 2024
Jul 15, 2020
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows a remote attacker to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious...Show more
Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows a remote attacker to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious URL.Show less
CVE-2020-13935
7Apache
CanonicalDebian+4 more
18Agile Engineering Data Management
Agile PlmBlockchain Platform+15 more
Nov 21, 2024
Jul 14, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite lo...Show more
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.Show less
CVE-2020-15719
5Mcafee
OpenldapOpensuse+2 more
5Blockchain Platform
Enterprise LinuxLeap+2 more
Nov 21, 2024
Jul 14, 2020
N/A· v4
4.2 MEDIUM· v3
4.0 MEDIUM· v2
libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This i...Show more
libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.Show less
CVE-2020-7284
1Mcafee
1Network Security Management
Nov 21, 2024
Jul 3, 2020
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
Exposure of Sensitive Information in McAfee Network Security Management (NSM) prior to 10.1.7.7 allows local users to gain unauthorised access to the root account via execution of carefully crafted commands from the rest...Show more
Exposure of Sensitive Information in McAfee Network Security Management (NSM) prior to 10.1.7.7 allows local users to gain unauthorised access to the root account via execution of carefully crafted commands from the restricted command line interface (CLI).Show less
CVE-2020-7283
1Mcafee
1Total Protection
Nov 21, 2024
Jul 3, 2020
N/A· v4
8.8 HIGH· v3
4.6 MEDIUM· v2
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. This i...Show more
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. This is achieved through running a malicious script or program on the target machine.Show less
CVE-2020-7282
1Mcafee
1Total Protection
Nov 21, 2024
Jul 3, 2020
N/A· v4
6.3 MEDIUM· v3
3.3 LOW· v2
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee dele...Show more
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.Show less
CVE-2020-7281
1Mcafee
1Total Protection
Nov 21, 2024
Jul 3, 2020
N/A· v4
6.3 MEDIUM· v3
1.9 LOW· v2
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee de...Show more
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.Show less
CVE-2020-7262
1Mcafee
1Advanced Threat Defense
Nov 21, 2024
Jun 22, 2020
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
Improper Access Control vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.10.0 allows local users to view sensitive files via a carefully crafted HTTP request parameter.
CVE-2020-0543
6Canonical
FedoraprojectIntel+3 more
694Celeron 1000m
Celeron 1005mCeleron 1007u+691 more
Nov 21, 2024
Jun 15, 2020
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.