Vulnerabilities > Mcafee
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-01 | CVE-2019-3604 | Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Epolicy Orchestrator Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows unauthenticated users to perform unintended ePO actions using an authenticated user's session via unspecified vectors. | 8.8 |
| 2019-01-28 | CVE-2019-3593 | Unspecified vulnerability in Mcafee Total Protection Exploitation of Privilege/Trust vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Prior to 16.0.R18 allows local users to bypass product self-protection, tamper with policies and product files, and uninstall McAfee software without permission via specially crafted malware. | 7.1 |
| 2019-01-23 | CVE-2019-3587 | Untrusted Search Path vulnerability in Mcafee Total Protection 4.0.161.1/4.0.176.1/4.6 DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Prior to 16.0.18 allows local users to execute arbitrary code via execution from a compromised folder. | 6.5 |
| 2019-01-23 | CVE-2019-3584 | Improper Authentication vulnerability in Mcafee Mvision Endpoint Exploitation of Authentication vulnerability in MVision Endpoint in McAfee MVision Endpoint Prior to 1811 Update 1 (18.11.31.62) allows authenticated administrator users --> administrators to Remove MVision Endpoint via unspecified vectors. | 6.0 |
| 2019-01-09 | CVE-2019-3581 | Improper Input Validation vulnerability in Mcafee web Gateway Improper input validation in the proxy component of McAfee Web Gateway 7.8.2.0 and later allows remote attackers to cause a denial of service via a crafted HTTP request parameter. | 7.5 |
| 2018-12-31 | CVE-2018-6668 | Unspecified vulnerability in Mcafee Application Change Control 6.2.0/7.0.0/7.0.1 A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows execution bypass, for example, with simple DLL through interpreters such as PowerShell. | 7.8 |
| 2018-12-20 | CVE-2018-6669 | Forced Browsing vulnerability in Mcafee Application Change Control 6.2.0/7.0.0/7.0.1 A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows a remote or local user to execute blacklisted files through an ASP.NET form. | 8.0 |
| 2018-12-14 | CVE-2018-6707 | Resource Exhaustion vulnerability in Mcafee Agent Denial of Service through Resource Depletion vulnerability in the agent in non-Windows McAfee Agent (MA) 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to cause DoS, unexpected behavior, or potentially unauthorized code execution via knowledge of the internal trust mechanism. | 7.0 |
| 2018-12-12 | CVE-2018-6706 | Unspecified vulnerability in Mcafee Agent Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths during agent installation in Linux via unspecified vectors. | 7.5 |
| 2018-12-12 | CVE-2018-6705 | Unspecified vulnerability in Mcafee Agent Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions. | 7.8 |