← Back

Mcafee

mcafee

602 CVEs • 137 products

Products (137)

Click to collapse
Toggle
Epolicy Orchestrator
epolicy_orchestrator
86 CVEs
Web Gateway
web_gateway
41 CVEs
Endpoint Security
endpoint_security
37 CVEs
Network Data Loss Prevention
network_data_loss_prevention
31 CVEs
Virusscan Enterprise
virusscan_enterprise
29 CVEs
Total Protection
total_protection
26 CVEs
Data Loss Prevention Endpoint
data_loss_prevention_endpoint
26 CVEs
Advanced Threat Defense
advanced_threat_defense
26 CVEs
Agent
agent
25 CVEs
Email Gateway
email_gateway
20 CVEs
Network Security Manager
network_security_manager
19 CVEs
Gateway
gateway
13 CVEs
Scan Engine
scan_engine
12 CVEs
Data Loss Prevention
data_loss_prevention
12 CVEs
Virusscan
virusscan
10 CVEs
Email And Web Security
email_and_web_security
10 CVEs
Mcafee Agent
mcafee_agent
10 CVEs
Antivirus Engine
antivirus_engine
9 CVEs
Enterprise Security Manager
enterprise_security_manager
9 CVEs
Policy Auditor
policy_auditor
9 CVEs
True Key
true_key
8 CVEs
Database Security
database_security
8 CVEs
Application Control
application_control
7 CVEs
Active Response
active_response
7 CVEs
Security Scan Plus
security_scan_plus
7 CVEs
Threat Intelligence Exchange Server
threat_intelligence_exchange_server
7 CVEs
Protectionpilot
protectionpilot
6 CVEs
E Business Server
e-business_server
6 CVEs
Enterprise Mobility Manager
enterprise_mobility_manager
6 CVEs
Vulnerability Manager
vulnerability_manager
6 CVEs
Application And Change Control
application_and_change_control
6 CVEs
Mvision Endpoint
mvision_endpoint
6 CVEs
Internet Security Suite
internet_security_suite
5 CVEs
Common Management Agent
common_management_agent
5 CVEs
Data Exchange Layer
data_exchange_layer
5 CVEs
Mcafee Web Gateway
mcafee_web_gateway
4 CVEs
Intrushield Security Management System
intrushield_security_management_system
3 CVEs
Virex
virex
3 CVEs
Epolicy Orchestrator Agent
epolicy_orchestrator_agent
3 CVEs
Saas Endpoint Protection
saas_endpoint_protection
3 CVEs
Change Control
change_control
3 CVEs
File And Removable Media Protection
file_and_removable_media_protection
3 CVEs
Host Intrusion Prevention
host_intrusion_prevention
3 CVEs
Livesafe
livesafe
3 CVEs
Security Webadvisor
security_webadvisor
3 CVEs
Cloud Av
cloud_av
3 CVEs
Drive Encryption
drive_encryption
3 CVEs
Application Change Control
application_change_control
3 CVEs
Webadvisor
webadvisor
3 CVEs
Endpoint Detection And Response
endpoint_detection_and_response
3 CVEs
Webshield Smtp
webshield_smtp
2 CVEs
Personal Firewall Plus
personal_firewall_plus
2 CVEs
Security Center
security_center
2 CVEs
Cma
cma
2 CVEs
Smartfilter
smartfilter
2 CVEs
Intrushield Network Security Manager
intrushield_network_security_manager
2 CVEs
Enterprise Mobility Manager Agent
enterprise_mobility_manager_agent
2 CVEs
Mcafee Virtual Technician
mcafee_virtual_technician
2 CVEs
Epo Mcafee Virtual Technician
epo_mcafee_virtual_technician
2 CVEs
Superscan
superscan
2 CVEs
Cloud Single Sign On
cloud_single_sign_on
2 CVEs
Asset Manager
asset_manager
2 CVEs
Epo Deep Command
epo_deep_command
2 CVEs
Threat Intelligence Exchange
threat_intelligence_exchange
2 CVEs
File Lock
file_lock
2 CVEs
Anti Malware Scan Engine
anti-malware_scan_engine
2 CVEs
Anti Virus Plus
anti-virus_plus
2 CVEs
Internet Security
internet_security
2 CVEs
Endpoint Security For Linux Threat Prevention
endpoint_security_for_linux_threat_prevention
2 CVEs
Getsusp
getsusp
2 CVEs
Techcheck
techcheck
2 CVEs
Network Security Management
network_security_management
2 CVEs
Web Gateway Cloud Service
web_gateway_cloud_service
2 CVEs
Consumer Product Removal Tool
consumer_product_removal_tool
2 CVEs
Asap Virusscan
asap_virusscan
1 CVE
Remote Desktop 32
remote_desktop_32
1 CVE
Entercept Agent
entercept_agent
1 CVE
Freescan
freescan
1 CVE
Security Installer Control System
security_installer_control_system
1 CVE
Mcinsctl.dll
mcinsctl.dll
1 CVE
Virusscan Security Center
virusscan_security_center
1 CVE
Antispyware
antispyware
1 CVE
Privacy Service
privacy_service
1 CVE
Quickclean
quickclean
1 CVE
Spamkiller
spamkiller
1 CVE
Wireless Home Network Security
wireless_home_network_security
1 CVE
Network Agent
network_agent
1 CVE
Neotrace
neotrace
1 CVE
Visual Trace
visual_trace
1 CVE
Securitycenter Agent
securitycenter_agent
1 CVE
Mcafee Framework
mcafee_framework
1 CVE
Encrypted Usb Manager
encrypted_usb_manager
1 CVE
Active Virus Defense
active_virus_defense
1 CVE
Active Virusscan
active_virusscan
1 CVE
Securityshield For Email Servers
securityshield_for_email_servers
1 CVE
Securityshield For Microsoft Isa Server
securityshield_for_microsoft_isa_server
1 CVE
Securityshield For Microsoft Sharepoint
securityshield_for_microsoft_sharepoint
1 CVE
Total Protection For Endpoint
total_protection_for_endpoint
1 CVE
Virusscan Commandline
virusscan_commandline
1 CVE
Virusscan Plus
virusscan_plus
1 CVE

CVEs (602)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2015-7612
1Mcafee
1Vulnerability Manager
May 6, 2026
Oct 1, 2015
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations page in Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.9 and earlier allow remote attackers to hijack the authentication of ad...Show more
Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations page in Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that have unspecified impact via unknown vectors.Show less
CVE-2015-7310
1Mcafee
3Enterprise Security Manager
Enterprise Security Manager/log ManagerEnterprise Security Manager/receiver
May 6, 2026
Sep 22, 2015
N/A· v4
N/A· v3
6.5 MEDIUM· v2
McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote...Show more
McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename, which is not properly handled when downloading the file.Show less
CVE-2015-7238
1Mcafee
1Threat Intelligence Exchange
May 6, 2026
Sep 18, 2015
N/A· v4
N/A· v3
2.1 LOW· v2
The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sensitive information by...Show more
The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sensitive information by reading the files.Show less
CVE-2015-7237
1Mcafee
1Mcafee Agent
May 6, 2026
Sep 18, 2015
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Directory traversal vulnerability in the remote log viewing functionality in McAfee Agent (MA) 5.x before 5.0.2 allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2015-2859
1Mcafee
1Epolicy Orchestrator
May 6, 2026
Jun 23, 2015
N/A· v4
N/A· v3
5.8 MEDIUM· v2
Intel McAfee ePolicy Orchestrator (ePO) 4.x through 4.6.9 and 5.x through 5.1.2 does not validate server names and Certification Authority names in X.509 certificates from SSL servers, which allows man-in-the-middle atta...Show more
Intel McAfee ePolicy Orchestrator (ePO) 4.x through 4.6.9 and 5.x through 5.1.2 does not validate server names and Certification Authority names in X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.Show less
CVE-2015-4559
1Mcafee
1Epolicy Orchestrator
May 6, 2026
Jun 15, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the product deployment feature in the Java core web services in Intel McAfee ePolicy Orchestrator (ePO) before 5.1.2 allows remote attackers to inject arbitrary web script or H...Show more
Cross-site scripting (XSS) vulnerability in the product deployment feature in the Java core web services in Intel McAfee ePolicy Orchestrator (ePO) before 5.1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.Show less
CVE-2015-3987
1Mcafee
1Epo Deep Command
May 6, 2026
May 14, 2015
N/A· v4
N/A· v3
7.2 HIGH· v2
Multiple unquoted Windows search path vulnerabilities in the (1) Client Management and (2) Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors.
CVE-2015-3030
1Mcafee
1Advanced Threat Defense
May 6, 2026
Apr 8, 2015
N/A· v4
N/A· v3
4.0 MEDIUM· v2
The web interface in McAfee Advanced Threat Defense (MATD) before 3.4.4.63 allows remote authenticated users to obtain sensitive configuration information via unspecified vectors.
CVE-2015-3029
1Mcafee
1Advanced Threat Defense
May 6, 2026
Apr 8, 2015
N/A· v4
N/A· v3
4.0 MEDIUM· v2
The web interface in McAfee Advanced Threat Defense (MATD) before 3.4.4.63 does not properly restrict access, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVE-2015-3028
1Mcafee
1Advanced Threat Defense
May 6, 2026
Apr 8, 2015
N/A· v4
N/A· v3
5.5 MEDIUM· v2
McAfee Advanced Threat Defense (MATD) before 3.4.4.63 allows remote authenticated users to bypass intended restrictions and change or update configuration settings via crafted parameters.
CVE-2015-2760
1Mcafee
1Data Loss Prevention Endpoint
May 6, 2026
Mar 27, 2015
N/A· v4
N/A· v3
3.5 LOW· v2
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to inject arbitrary web script or HT...Show more
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.Show less
CVE-2015-2759
1Mcafee
1Data Loss Prevention Endpoint
May 6, 2026
Mar 27, 2015
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allow remote attackers to hijack the authentication...Show more
Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allow remote attackers to hijack the authentication of users for requests that (1) obtain sensitive information or (2) modify the database via unspecified vectors.Show less
CVE-2015-2758
1Mcafee
1Data Loss Prevention Endpoint
May 6, 2026
Mar 27, 2015
N/A· v4
N/A· v3
6.5 MEDIUM· v2
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to obtain sensitive information, modify the database, or possibly have other uns...Show more
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to obtain sensitive information, modify the database, or possibly have other unspecified impact via a crafted URL.Show less
CVE-2015-2757
1Mcafee
1Data Loss Prevention Endpoint
May 6, 2026
Mar 27, 2015
N/A· v4
N/A· v3
4.0 MEDIUM· v2
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to cause a denial of service (database lock or license corruption) via unspecifi...Show more
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to cause a denial of service (database lock or license corruption) via unspecified vectors.Show less
CVE-2015-2053
1Mcafee
1Mcafee Agent
May 6, 2026
Feb 23, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, when the "Accept connections only from the ePO server" option is disabled, allows remote attackers to conduct clickjacking attacks via a crafted web pag...Show more
The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, when the "Accept connections only from the ePO server" option is disabled, allows remote attackers to conduct clickjacking attacks via a crafted web page, aka an "http-generic-click-jacking" vulnerability.Show less
CVE-2015-1619
1Mcafee
1Email Gateway
May 6, 2026
Feb 17, 2015
N/A· v4
N/A· v3
3.5 LOW· v2
Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway (MEG) 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticat...Show more
Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway (MEG) 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest messages.Show less
CVE-2015-1618
1Mcafee
1Data Loss Prevention Endpoint
May 6, 2026
Feb 17, 2015
N/A· v4
N/A· v3
4.0 MEDIUM· v2
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to obtain sensitive password information via a crafted URL.
CVE-2015-1617
1Mcafee
1Data Loss Prevention Endpoint
May 6, 2026
Feb 17, 2015
N/A· v4
N/A· v3
3.5 LOW· v2
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...Show more
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.Show less
CVE-2015-1616
1Mcafee
1Data Loss Prevention Endpoint
May 6, 2026
Feb 17, 2015
N/A· v4
N/A· v3
6.5 MEDIUM· v2
SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors.
CVE-2015-1305
1Mcafee
1Data Loss Prevention Endpoint
May 6, 2026
Feb 6, 2015
N/A· v4
N/A· v3
6.9 MEDIUM· v2
McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018 IOCTL call.