Filtered by vendor Mcafee
Subscriptions
Total
604 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-7332 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 7 High |
| Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows an attacker to execute arbitrary HTML code due to incorrect security configuration. | ||||
| CVE-2020-7331 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 7.8 High |
| Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files. | ||||
| CVE-2020-7330 | 1 Mcafee | 1 Total Protection | 2024-11-21 | 7.5 High |
| Privilege Escalation vulnerability in McAfee Total Protection (MTP) trial prior to 4.0.176.1 allows local users to schedule tasks which call malicious software to execute with elevated privileges via editing of environment variables | ||||
| CVE-2020-7329 | 1 Mcafee | 1 Mvision Endpoint | 2024-11-21 | 7.2 High |
| Server-side request forgery vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers trigger server-side DNS requests to arbitrary domains via carefully constructed XML files loaded by an ePO administrator. | ||||
| CVE-2020-7328 | 1 Mcafee | 1 Mvision Endpoint | 2024-11-21 | 7.2 High |
| External entity attack vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers to gain control of a resource or trigger arbitrary code execution via improper input validation of an HTTP request, where the content for the attack has been loaded into ePO by an ePO administrator. | ||||
| CVE-2020-7327 | 1 Mcafee | 1 Mvision Endpoint Detection And Response | 2024-11-21 | 6 Medium |
| Improperly implemented security check in McAfee MVISION Endpoint Detection and Response Client (MVEDR) prior to 3.2.0 may allow local administrators to execute malicious code via stopping a core Windows service leaving McAfee core trust component in an inconsistent state resulting in MVEDR failing open rather than closed | ||||
| CVE-2020-7326 | 1 Mcafee | 1 Active Response | 2024-11-21 | 6 Medium |
| Improperly implemented security check in McAfee Active Response (MAR) prior to 2.4.4 may allow local administrators to execute malicious code via stopping a core Windows service leaving McAfee core trust component in an inconsistent state resulting in MAR failing open rather than closed | ||||
| CVE-2020-7325 | 1 Mcafee | 1 Mvision Endpoint | 2024-11-21 | 5.5 Medium |
| Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.9 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file. | ||||
| CVE-2020-7324 | 1 Mcafee | 1 Mvision Endpoint | 2024-11-21 | 6.1 Medium |
| Improper Access Control vulnerability in McAfee MVISION Endpoint prior to 20.9 Update allows local users to bypass security mechanisms and deny access to the SYSTEM folder via incorrectly applied permissions. | ||||
| CVE-2020-7323 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 6.9 Medium |
| Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running with elevated privileges. This issue is timing dependent and requires physical access to the machine. | ||||
| CVE-2020-7322 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 4.7 Medium |
| Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to gain access to sensitive information via incorrectly logging of sensitive information in debug logs. | ||||
| CVE-2020-7320 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 6.7 Medium |
| Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local administrator to temporarily reduce the detection capability allowing otherwise detected malware to run via stopping certain Microsoft services. | ||||
| CVE-2020-7319 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 8.8 High |
| Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file. | ||||
| CVE-2020-7318 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-11-21 | 4.6 Medium |
| Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized. | ||||
| CVE-2020-7317 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-11-21 | 4.6 Medium |
| Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" not being correctly sanitsed. | ||||
| CVE-2020-7316 | 1 Mcafee | 1 File And Removable Media Protection | 2024-11-21 | 6.6 Medium |
| Unquoted service path vulnerability in McAfee File and Removable Media Protection (FRP) prior to 5.3.0 allows local users to execute arbitrary code, with higher privileges, via execution and from a compromised folder. This issue may result in files not being encrypted when a policy is triggered. | ||||
| CVE-2020-7315 | 1 Mcafee | 1 Mcafee Agent | 2024-11-21 | 6 Medium |
| DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL. | ||||
| CVE-2020-7314 | 1 Mcafee | 1 Mcafee Agent | 2024-11-21 | 8.2 High |
| Privilege Escalation Vulnerability in the installer in McAfee Data Exchange Layer (DXL) Client for Mac shipped with McAfee Agent (MA) for Mac prior to MA 5.6.6 allows local users to run commands as root via incorrectly applied permissions on temporary files. | ||||
| CVE-2020-7312 | 1 Mcafee | 1 Mcafee Agent | 2024-11-21 | 7.8 High |
| DLL Search Order Hijacking Vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder. | ||||
| CVE-2020-7311 | 1 Mcafee | 1 Mcafee Agent | 2024-11-21 | 7.8 High |
| Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files. | ||||