← Back

Mcafee

mcafee

602 CVEs • 137 products

Products (137)

Click to collapse
Toggle
Epolicy Orchestrator
epolicy_orchestrator
86 CVEs
Web Gateway
web_gateway
41 CVEs
Endpoint Security
endpoint_security
37 CVEs
Network Data Loss Prevention
network_data_loss_prevention
31 CVEs
Virusscan Enterprise
virusscan_enterprise
29 CVEs
Total Protection
total_protection
26 CVEs
Data Loss Prevention Endpoint
data_loss_prevention_endpoint
26 CVEs
Advanced Threat Defense
advanced_threat_defense
26 CVEs
Agent
agent
25 CVEs
Email Gateway
email_gateway
20 CVEs
Network Security Manager
network_security_manager
19 CVEs
Gateway
gateway
13 CVEs
Scan Engine
scan_engine
12 CVEs
Data Loss Prevention
data_loss_prevention
12 CVEs
Virusscan
virusscan
10 CVEs
Email And Web Security
email_and_web_security
10 CVEs
Mcafee Agent
mcafee_agent
10 CVEs
Antivirus Engine
antivirus_engine
9 CVEs
Enterprise Security Manager
enterprise_security_manager
9 CVEs
Policy Auditor
policy_auditor
9 CVEs
True Key
true_key
8 CVEs
Database Security
database_security
8 CVEs
Application Control
application_control
7 CVEs
Active Response
active_response
7 CVEs
Security Scan Plus
security_scan_plus
7 CVEs
Threat Intelligence Exchange Server
threat_intelligence_exchange_server
7 CVEs
Protectionpilot
protectionpilot
6 CVEs
E Business Server
e-business_server
6 CVEs
Enterprise Mobility Manager
enterprise_mobility_manager
6 CVEs
Vulnerability Manager
vulnerability_manager
6 CVEs
Application And Change Control
application_and_change_control
6 CVEs
Mvision Endpoint
mvision_endpoint
6 CVEs
Internet Security Suite
internet_security_suite
5 CVEs
Common Management Agent
common_management_agent
5 CVEs
Data Exchange Layer
data_exchange_layer
5 CVEs
Mcafee Web Gateway
mcafee_web_gateway
4 CVEs
Intrushield Security Management System
intrushield_security_management_system
3 CVEs
Virex
virex
3 CVEs
Epolicy Orchestrator Agent
epolicy_orchestrator_agent
3 CVEs
Saas Endpoint Protection
saas_endpoint_protection
3 CVEs
Change Control
change_control
3 CVEs
File And Removable Media Protection
file_and_removable_media_protection
3 CVEs
Host Intrusion Prevention
host_intrusion_prevention
3 CVEs
Livesafe
livesafe
3 CVEs
Security Webadvisor
security_webadvisor
3 CVEs
Cloud Av
cloud_av
3 CVEs
Drive Encryption
drive_encryption
3 CVEs
Application Change Control
application_change_control
3 CVEs
Webadvisor
webadvisor
3 CVEs
Endpoint Detection And Response
endpoint_detection_and_response
3 CVEs
Webshield Smtp
webshield_smtp
2 CVEs
Personal Firewall Plus
personal_firewall_plus
2 CVEs
Security Center
security_center
2 CVEs
Cma
cma
2 CVEs
Smartfilter
smartfilter
2 CVEs
Intrushield Network Security Manager
intrushield_network_security_manager
2 CVEs
Enterprise Mobility Manager Agent
enterprise_mobility_manager_agent
2 CVEs
Mcafee Virtual Technician
mcafee_virtual_technician
2 CVEs
Epo Mcafee Virtual Technician
epo_mcafee_virtual_technician
2 CVEs
Superscan
superscan
2 CVEs
Cloud Single Sign On
cloud_single_sign_on
2 CVEs
Asset Manager
asset_manager
2 CVEs
Epo Deep Command
epo_deep_command
2 CVEs
Threat Intelligence Exchange
threat_intelligence_exchange
2 CVEs
File Lock
file_lock
2 CVEs
Anti Malware Scan Engine
anti-malware_scan_engine
2 CVEs
Anti Virus Plus
anti-virus_plus
2 CVEs
Internet Security
internet_security
2 CVEs
Endpoint Security For Linux Threat Prevention
endpoint_security_for_linux_threat_prevention
2 CVEs
Getsusp
getsusp
2 CVEs
Techcheck
techcheck
2 CVEs
Network Security Management
network_security_management
2 CVEs
Web Gateway Cloud Service
web_gateway_cloud_service
2 CVEs
Consumer Product Removal Tool
consumer_product_removal_tool
2 CVEs
Asap Virusscan
asap_virusscan
1 CVE
Remote Desktop 32
remote_desktop_32
1 CVE
Entercept Agent
entercept_agent
1 CVE
Freescan
freescan
1 CVE
Security Installer Control System
security_installer_control_system
1 CVE
Mcinsctl.dll
mcinsctl.dll
1 CVE
Virusscan Security Center
virusscan_security_center
1 CVE
Antispyware
antispyware
1 CVE
Privacy Service
privacy_service
1 CVE
Quickclean
quickclean
1 CVE
Spamkiller
spamkiller
1 CVE
Wireless Home Network Security
wireless_home_network_security
1 CVE
Network Agent
network_agent
1 CVE
Neotrace
neotrace
1 CVE
Visual Trace
visual_trace
1 CVE
Securitycenter Agent
securitycenter_agent
1 CVE
Mcafee Framework
mcafee_framework
1 CVE
Encrypted Usb Manager
encrypted_usb_manager
1 CVE
Active Virus Defense
active_virus_defense
1 CVE
Active Virusscan
active_virusscan
1 CVE
Securityshield For Email Servers
securityshield_for_email_servers
1 CVE
Securityshield For Microsoft Isa Server
securityshield_for_microsoft_isa_server
1 CVE
Securityshield For Microsoft Sharepoint
securityshield_for_microsoft_sharepoint
1 CVE
Total Protection For Endpoint
total_protection_for_endpoint
1 CVE
Virusscan Commandline
virusscan_commandline
1 CVE
Virusscan Plus
virusscan_plus
1 CVE

CVEs (602)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-6700
1Mcafee
1True Key
Nov 21, 2024
Sep 24, 2018
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware.
CVE-2018-6682
1Mcafee
1True Key
Nov 21, 2024
Sep 24, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site.
CVE-2018-6690
1Mcafee
1Application Change Control
Nov 21, 2024
Sep 18, 2018
N/A· v4
7.1 HIGH· v3
3.6 LOW· v2
Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary cod...Show more
Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system.Show less
CVE-2017-3912
1Mcafee
1Application And Change Control
Nov 21, 2024
Sep 18, 2018
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.
CVE-2018-6693
1Mcafee
2Endpoint Security For Linux Threat Prevention
Endpoint Security Linux Threat Prevention
Nov 21, 2024
Sep 18, 2018
N/A· v4
5.3 MEDIUM· v3
3.3 LOW· v2
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specif...Show more
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escalation to delete arbitrary files.Show less
CVE-2018-6686
1Mcafee
1Drive Encryption
Nov 21, 2024
Jul 27, 2018
N/A· v4
6.6 MEDIUM· v3
4.6 MEDIUM· v2
Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circumstances.
CVE-2018-6683
1Mcafee
1Data Loss Prevention Endpoint
Nov 21, 2024
Jul 23, 2018
N/A· v4
7.4 HIGH· v3
4.6 MEDIUM· v2
Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing...Show more
Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline.Show less
CVE-2018-6678
1Mcafee
1Mcafee Web Gateway
Nov 21, 2024
Jul 23, 2018
N/A· v4
9.1 CRITICAL· v3
6.5 MEDIUM· v2
Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors.
CVE-2018-6677
1Mcafee
1Mcafee Web Gateway
Nov 21, 2024
Jul 23, 2018
N/A· v4
9.1 CRITICAL· v3
9.0 HIGH· v2
Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors.
CVE-2018-6681
1Mcafee
1Network Security Manager
Nov 21, 2024
Jul 17, 2018
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Abuse of Functionality vulnerability in the web interface in McAfee Network Security Management (NSM) 9.1.7.11 and earlier allows authenticated users to allow arbitrary HTML code to be reflected in the response web page...Show more
Abuse of Functionality vulnerability in the web interface in McAfee Network Security Management (NSM) 9.1.7.11 and earlier allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via appliance web interface.Show less
CVE-2018-6667
1Mcafee
1Mcafee Web Gateway
Nov 21, 2024
Jun 26, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remote attackers to execute arbitrary code via Java management extensions (JMX).
CVE-2018-6672
1Mcafee
1Epolicy Orchestrator
Nov 21, 2024
Jun 15, 2018
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors.
CVE-2018-6671
1Mcafee
1Epolicy Orchestrator
Nov 21, 2024
Jun 15, 2018
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Application Protection Bypass vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows remote authenticated users to bypass localhost only access security protection for some...Show more
Application Protection Bypass vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows remote authenticated users to bypass localhost only access security protection for some ePO features via a specially crafted HTTP request.Show less
CVE-2017-3936
1Mcafee
1Epolicy Orchestrator
Nov 21, 2024
Jun 13, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, 5.3.1, 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows attackers to run arbitrary OS commands with limited privileges via not sanitizing the use...Show more
OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, 5.3.1, 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows attackers to run arbitrary OS commands with limited privileges via not sanitizing the user input data before exporting it into a CSV format output.Show less
CVE-2017-3907
1Mcafee
1Mcafee Threat Intelligence Exchange
Nov 21, 2024
Jun 13, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code to be reflected in the...Show more
Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code to be reflected in the response web page via unspecified vector.Show less
CVE-2017-3968
1Mcafee
2Network Data Loss Prevention
Network Security Manager
Nov 21, 2024
Jun 13, 2018
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM) before 8.2.7.42.2 and McAfee Network Data Loss Prevention (NDLP) before 9.3.4.1.5 allows remote attackers to disclose sensitive...Show more
Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM) before 8.2.7.42.2 and McAfee Network Data Loss Prevention (NDLP) before 9.3.4.1.5 allows remote attackers to disclose sensitive information or manipulate the database via a crafted authentication cookie.Show less
CVE-2017-3962
1Mcafee
1Network Security Manager
Nov 21, 2024
Jun 12, 2018
N/A· v4
9.8 CRITICAL· v3
5.0 MEDIUM· v2
Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashe...Show more
Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes.Show less
CVE-2017-3960
1Mcafee
1Network Security Manager
Nov 21, 2024
Jun 12, 2018
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
Exploitation of Authorization vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to gain elevated privileges via a crafted HTTP request parameter.
CVE-2018-6670
1Mcafee
1Common Catalog
Nov 21, 2024
Jun 7, 2018
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
External Entity Attack vulnerability in the ePO extension in McAfee Common UI (CUI) 2.0.2 allows remote authenticated users to view confidential information via a crafted HTTP request parameter.
CVE-2018-6662
1Mcafee
1Management Of Native Encryption
Nov 21, 2024
Jun 5, 2018
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
Privilege Escalation vulnerability in McAfee Management of Native Encryption (MNE) before 4.1.4 allows local users to gain elevated privileges via a crafted user input.