Vulnerabilities > Mcafee > Mcafee Agent > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-09-10 CVE-2020-7315 Untrusted Search Path vulnerability in Mcafee Agent 5.0.0
DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL.
local
low complexity
mcafee CWE-426
6.7
2017-02-13 CVE-2017-3896 Improper Input Validation vulnerability in Mcafee Agent
Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated.
network
mcafee CWE-20
4.3
2015-09-18 CVE-2015-7237 Path Traversal vulnerability in Mcafee Agent 5.0.0/5.0.1
Directory traversal vulnerability in the remote log viewing functionality in McAfee Agent (MA) 5.x before 5.0.2 allows remote attackers to obtain sensitive information via unspecified vectors.
network
low complexity
mcafee CWE-22
5.0
2015-02-23 CVE-2015-2053 Improper Input Validation vulnerability in Mcafee Agent 4.8.0/5.0.0
The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, when the "Accept connections only from the ePO server" option is disabled, allows remote attackers to conduct clickjacking attacks via a crafted web page, aka an "http-generic-click-jacking" vulnerability.
network
mcafee CWE-20
4.3