Vulnerabilities > Mcafee > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-06-15 CVE-2020-0543 Incomplete Cleanup vulnerability in multiple products
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
5.5
2020-06-10 CVE-2019-3588 Improper Privilege Management vulnerability in Mcafee Virusscan Enterprise 8.8
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.
low complexity
mcafee CWE-269
6.8
2020-04-15 CVE-2020-2830 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). 5.3
2020-04-15 CVE-2020-2781 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). 5.3
2020-04-15 CVE-2020-7255 Improper Privilege Management vulnerability in Mcafee Endpoint Security
Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface.
local
low complexity
mcafee CWE-269
4.4
2020-04-15 CVE-2020-7277 Unspecified vulnerability in Mcafee Endpoint Security
Protection mechanism failure in all processes in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows local users to stop certain McAfee ENS processes, reducing the protection offered.
local
low complexity
mcafee
5.3
2020-04-15 CVE-2020-7276 Improper Authentication vulnerability in Mcafee Endpoint Security
Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows administrator users to access policy settings via running this tool.
local
low complexity
mcafee CWE-287
6.7
2020-04-15 CVE-2020-7275 Unquoted Search Path or Element vulnerability in Mcafee Endpoint Security
Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitrary code via a carefully crafted input file.
local
low complexity
mcafee CWE-428
5.3
2020-04-15 CVE-2020-7273 Improper Privilege Management vulnerability in Mcafee Endpoint Security
Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters.
local
low complexity
mcafee CWE-269
5.5
2020-04-15 CVE-2020-7261 Classic Buffer Overflow vulnerability in Mcafee Endpoint Security
Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input.
local
low complexity
mcafee CWE-120
5.5