Vulnerabilities > Mcafee
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-12 | CVE-2018-6704 | Unspecified vulnerability in Mcafee Agent Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions. | 7.8 |
| 2018-12-11 | CVE-2018-6703 | Use After Free vulnerability in Mcafee Agent Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service. | 9.8 |
| 2018-12-07 | CVE-2018-18311 | Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | 9.8 |
| 2018-12-06 | CVE-2018-6757 | Unspecified vulnerability in Mcafee True KEY Privilege Escalation vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware. | 7.8 |
| 2018-12-06 | CVE-2018-6756 | Unspecified vulnerability in Mcafee True KEY Authentication Abuse vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute unauthorized commands via specially crafted malware. | 7.8 |
| 2018-12-06 | CVE-2018-6755 | Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee True KEY Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware. | 7.8 |
| 2018-10-03 | CVE-2018-6695 | Unspecified vulnerability in Mcafee Threat Intelligence Exchange Server SSH host keys generation vulnerability in the server in McAfee Threat Intelligence Exchange Server (TIE Server) 1.3.0, 2.0.x, 2.1.x, 2.2.0 allows man-in-the-middle attackers to spoof servers via acquiring keys from another environment. | 5.9 |
| 2018-10-03 | CVE-2018-6689 | Improper Authentication vulnerability in Mcafee Data Loss Prevention Endpoint Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than 11.0.600 allows attackers to bypass local security protection via specific conditions. | 7.8 |
| 2018-09-24 | CVE-2018-6700 | Untrusted Search Path vulnerability in Mcafee True KEY DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware. | 7.8 |
| 2018-09-24 | CVE-2018-6682 | Cross-site Scripting vulnerability in Mcafee True KEY 4.0.0.0 Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site. | 6.1 |