← Back

Mcafee

mcafee

602 CVEs • 137 products

Products (137)

Click to collapse
Toggle
Epolicy Orchestrator
epolicy_orchestrator
86 CVEs
Web Gateway
web_gateway
41 CVEs
Endpoint Security
endpoint_security
37 CVEs
Network Data Loss Prevention
network_data_loss_prevention
31 CVEs
Virusscan Enterprise
virusscan_enterprise
29 CVEs
Total Protection
total_protection
26 CVEs
Data Loss Prevention Endpoint
data_loss_prevention_endpoint
26 CVEs
Advanced Threat Defense
advanced_threat_defense
26 CVEs
Agent
agent
25 CVEs
Email Gateway
email_gateway
20 CVEs
Network Security Manager
network_security_manager
19 CVEs
Gateway
gateway
13 CVEs
Scan Engine
scan_engine
12 CVEs
Data Loss Prevention
data_loss_prevention
12 CVEs
Virusscan
virusscan
10 CVEs
Email And Web Security
email_and_web_security
10 CVEs
Mcafee Agent
mcafee_agent
10 CVEs
Antivirus Engine
antivirus_engine
9 CVEs
Enterprise Security Manager
enterprise_security_manager
9 CVEs
Policy Auditor
policy_auditor
9 CVEs
True Key
true_key
8 CVEs
Database Security
database_security
8 CVEs
Application Control
application_control
7 CVEs
Active Response
active_response
7 CVEs
Security Scan Plus
security_scan_plus
7 CVEs
Threat Intelligence Exchange Server
threat_intelligence_exchange_server
7 CVEs
Protectionpilot
protectionpilot
6 CVEs
E Business Server
e-business_server
6 CVEs
Enterprise Mobility Manager
enterprise_mobility_manager
6 CVEs
Vulnerability Manager
vulnerability_manager
6 CVEs
Application And Change Control
application_and_change_control
6 CVEs
Mvision Endpoint
mvision_endpoint
6 CVEs
Internet Security Suite
internet_security_suite
5 CVEs
Common Management Agent
common_management_agent
5 CVEs
Data Exchange Layer
data_exchange_layer
5 CVEs
Mcafee Web Gateway
mcafee_web_gateway
4 CVEs
Intrushield Security Management System
intrushield_security_management_system
3 CVEs
Virex
virex
3 CVEs
Epolicy Orchestrator Agent
epolicy_orchestrator_agent
3 CVEs
Saas Endpoint Protection
saas_endpoint_protection
3 CVEs
Change Control
change_control
3 CVEs
File And Removable Media Protection
file_and_removable_media_protection
3 CVEs
Host Intrusion Prevention
host_intrusion_prevention
3 CVEs
Livesafe
livesafe
3 CVEs
Security Webadvisor
security_webadvisor
3 CVEs
Cloud Av
cloud_av
3 CVEs
Drive Encryption
drive_encryption
3 CVEs
Application Change Control
application_change_control
3 CVEs
Webadvisor
webadvisor
3 CVEs
Endpoint Detection And Response
endpoint_detection_and_response
3 CVEs
Webshield Smtp
webshield_smtp
2 CVEs
Personal Firewall Plus
personal_firewall_plus
2 CVEs
Security Center
security_center
2 CVEs
Cma
cma
2 CVEs
Smartfilter
smartfilter
2 CVEs
Intrushield Network Security Manager
intrushield_network_security_manager
2 CVEs
Enterprise Mobility Manager Agent
enterprise_mobility_manager_agent
2 CVEs
Mcafee Virtual Technician
mcafee_virtual_technician
2 CVEs
Epo Mcafee Virtual Technician
epo_mcafee_virtual_technician
2 CVEs
Superscan
superscan
2 CVEs
Cloud Single Sign On
cloud_single_sign_on
2 CVEs
Asset Manager
asset_manager
2 CVEs
Epo Deep Command
epo_deep_command
2 CVEs
Threat Intelligence Exchange
threat_intelligence_exchange
2 CVEs
File Lock
file_lock
2 CVEs
Anti Malware Scan Engine
anti-malware_scan_engine
2 CVEs
Anti Virus Plus
anti-virus_plus
2 CVEs
Internet Security
internet_security
2 CVEs
Endpoint Security For Linux Threat Prevention
endpoint_security_for_linux_threat_prevention
2 CVEs
Getsusp
getsusp
2 CVEs
Techcheck
techcheck
2 CVEs
Network Security Management
network_security_management
2 CVEs
Web Gateway Cloud Service
web_gateway_cloud_service
2 CVEs
Consumer Product Removal Tool
consumer_product_removal_tool
2 CVEs
Asap Virusscan
asap_virusscan
1 CVE
Remote Desktop 32
remote_desktop_32
1 CVE
Entercept Agent
entercept_agent
1 CVE
Freescan
freescan
1 CVE
Security Installer Control System
security_installer_control_system
1 CVE
Mcinsctl.dll
mcinsctl.dll
1 CVE
Virusscan Security Center
virusscan_security_center
1 CVE
Antispyware
antispyware
1 CVE
Privacy Service
privacy_service
1 CVE
Quickclean
quickclean
1 CVE
Spamkiller
spamkiller
1 CVE
Wireless Home Network Security
wireless_home_network_security
1 CVE
Network Agent
network_agent
1 CVE
Neotrace
neotrace
1 CVE
Visual Trace
visual_trace
1 CVE
Securitycenter Agent
securitycenter_agent
1 CVE
Mcafee Framework
mcafee_framework
1 CVE
Encrypted Usb Manager
encrypted_usb_manager
1 CVE
Active Virus Defense
active_virus_defense
1 CVE
Active Virusscan
active_virusscan
1 CVE
Securityshield For Email Servers
securityshield_for_email_servers
1 CVE
Securityshield For Microsoft Isa Server
securityshield_for_microsoft_isa_server
1 CVE
Securityshield For Microsoft Sharepoint
securityshield_for_microsoft_sharepoint
1 CVE
Total Protection For Endpoint
total_protection_for_endpoint
1 CVE
Virusscan Commandline
virusscan_commandline
1 CVE
Virusscan Plus
virusscan_plus
1 CVE

CVEs (602)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-3592
1Mcafee
1Agent
Nov 21, 2024
Jul 18, 2019
N/A· v4
6.7 MEDIUM· v3
4.6 MEDIUM· v2
Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 HF3, allows local administrator users to potentially disable some McAfee processes by manipulating the MA directory control and placing a carefully con...Show more
Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 HF3, allows local administrator users to potentially disable some McAfee processes by manipulating the MA directory control and placing a carefully constructed file in the MA directory.Show less
CVE-2019-3619
1Mcafee
1Epolicy Orchestrator
Nov 21, 2024
Jul 3, 2019
N/A· v4
4.9 MEDIUM· v3
4.0 MEDIUM· v2
Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 prior to 5.10.0 update 4 allows remote unauthenticated attacker to view sensitive information in plain text...Show more
Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 prior to 5.10.0 update 4 allows remote unauthenticated attacker to view sensitive information in plain text via sniffing the traffic between the Agent Handler and the SQL server.Show less
CVE-2019-3632
1Mcafee
1Enterprise Security Manager
Nov 21, 2024
Jun 27, 2019
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input.
CVE-2019-3631
1Mcafee
1Enterprise Security Manager
Nov 21, 2024
Jun 27, 2019
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
CVE-2019-3630
1Mcafee
1Enterprise Security Manager
Nov 21, 2024
Jun 27, 2019
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
CVE-2019-3629
1Mcafee
1Enterprise Security Manager
Nov 21, 2024
Jun 27, 2019
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
Application protection bypass vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows unauthenticated user to impersonate system users via specially crafted parameters.
CVE-2019-3628
1Mcafee
1Enterprise Security Manager
Nov 21, 2024
Jun 27, 2019
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control.
CVE-2019-3602
1Mcafee
1Network Security Manager
Nov 21, 2024
May 15, 2019
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a specially crafted custom...Show more
Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a specially crafted custom rule containing HTML.Show less
CVE-2019-3586
1Mcafee
1Endpoint Security
Nov 21, 2024
May 15, 2019
N/A· v4
7.5 HIGH· v3
5.1 MEDIUM· v2
Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not b...Show more
Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection.Show less
CVE-2019-2602
7Canonical
DebianHp+4 more
16Debian Linux
Enterprise LinuxEnterprise Linux Desktop+13 more
Nov 21, 2024
Apr 23, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploit...Show more
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-3612
1Mcafee
2Data Exchange Layer
Threat Intelligence Exchange
Nov 21, 2024
Apr 10, 2019
N/A· v4
4.4 MEDIUM· v3
2.1 LOW· v2
Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or comman...Show more
Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line.Show less
CVE-2019-3606
1Mcafee
1Network Security Manager
Nov 21, 2024
Mar 26, 2019
N/A· v4
4.1 MEDIUM· v3
1.9 LOW· v2
Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management (NSM) 9.1 < 9.1.7.75 (Update 4) and 9.2 < 9.2.7.31 Update2 allows administrators to view configurat...Show more
Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management (NSM) 9.1 < 9.1.7.75 (Update 4) and 9.2 < 9.2.7.31 Update2 allows administrators to view configuration information in plain text format via the GUI or GUI terminal commands.Show less
CVE-2019-3597
1Mcafee
1Network Security Manager
Nov 21, 2024
Mar 26, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Authentication Bypass vulnerability in McAfee Network Security Manager (NSM) 9.1 < 9.1.7.75.2 and 9.2 < 9.2.7.31 (9.2 Update 2) allows unauthenticated users to gain administrator rights via incorrect handling of expired...Show more
Authentication Bypass vulnerability in McAfee Network Security Manager (NSM) 9.1 < 9.1.7.75.2 and 9.2 < 9.2.7.31 (9.2 Update 2) allows unauthenticated users to gain administrator rights via incorrect handling of expired GUI sessions.Show less
CVE-2019-6454
8Canonical
DebianFedoraproject+5 more
22Active Iq Performance Analytics Services
Debian LinuxEnterprise Linux+19 more
Nov 21, 2024
Mar 21, 2019
N/A· v4
5.5 MEDIUM· v3
4.9 MEDIUM· v2
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An un...Show more
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).Show less
CVE-2019-3615
1Mcafee
1Database Security
Nov 21, 2024
Mar 12, 2019
N/A· v4
6.8 MEDIUM· v3
2.1 LOW· v2
Data Leakage Attacks vulnerability in the web interface in McAfee Database Security prior to the 4.6.6 March 2019 update allows local users to expose passwords via incorrectly auto completing password fields in the admin...Show more
Data Leakage Attacks vulnerability in the web interface in McAfee Database Security prior to the 4.6.6 March 2019 update allows local users to expose passwords via incorrectly auto completing password fields in the admin browser login screen.Show less
CVE-2019-3599
1Mcafee
1Agent
Nov 21, 2024
Feb 28, 2019
N/A· v4
7.5 HIGH· v3
4.3 MEDIUM· v2
Information Disclosure vulnerability in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote unauthenticated users to access sensitive information via remote logging when it is enabled.
CVE-2019-3598
1Mcafee
1Agent
Nov 21, 2024
Feb 28, 2019
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Buffer Access with Incorrect Length Value in McAfee Agent (MA) 5.x allows remote unauthenticated users to potentially cause a denial of service via specifically crafted UDP packets.
CVE-2019-3582
1Mcafee
1Endpoint Security
Nov 21, 2024
Feb 28, 2019
N/A· v4
7.8 HIGH· v3
6.1 MEDIUM· v2
Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances.
CVE-2019-1559
13Canonical
DebianF5+10 more
82A220 Firmware
A320 FirmwareA800 Firmware+79 more
Nov 21, 2024
Feb 27, 2019
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte r...Show more
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).Show less
CVE-2019-9169
4Canonical
GnuMcafee+1 more
6Cloud Backup
GlibcOntap Select Deploy Administration Utility+3 more
Nov 21, 2024
Feb 26, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.