Known Vulnerabilities for products from Mcafee
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Mcafee".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Mcafee can be found at device.report : Mcafee
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-40352 json | McAfee Safe Connect before 2.16.1.126 may allow an adversary with system privileges to achieve privilege escalation by loadin... | 7.2 - HIGH | 2023-08-21 | 2023-08-25 |
| CVE-2023-25134 json | McAfee Total Protection prior to 16.0.50 may allow an adversary (with full administrative access) to modify a McAfee specific... | 6.7 - MEDIUM | 2023-03-21 | 2023-03-27 |
| CVE-2023-24579 json | McAfee Total Protection prior to 16.0.51 allows attackers to trick a victim into uninstalling the application via the command... | 5.5 - MEDIUM | 2023-03-13 | 2023-03-22 |
| CVE-2023-24578 json | McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enabl... | 5.5 - MEDIUM | 2023-03-13 | 2023-03-22 |
| CVE-2023-24577 json | McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via regi... | 5.5 - MEDIUM | 2023-03-13 | 2023-03-22 |
| CVE-2023-3946 json | A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 SP1 Update 1allows a remote unauthenticated attack... | 6.1 - MEDIUM | 2023-07-26 | 2023-08-03 |
| CVE-2023-0978 json | A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inje... | 6.7 - MEDIUM | 2023-03-13 | 2023-11-07 |
| CVE-2023-0221 json | Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator pr... | 4.4 - MEDIUM | 2023-01-13 | 2023-11-07 |
| CVE-2022-43751 json | McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of... | 7.8 - HIGH | 2022-11-23 | 2022-11-28 |
| CVE-2022-37025 json | An improper privilege management vulnerability in McAfee Security Scan Plus (MSS+) before 4.1.262.1 could allow a local user ... | 7.8 - HIGH | 2022-08-18 | 2022-08-19 |
| CVE-2022-3339 json | A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 Update 14 allows a remote unauthenticated attacker ... | 6.1 - MEDIUM | 2022-10-18 | 2022-10-20 |
| CVE-2022-3338 json | An External XML entity (XXE) vulnerability in ePO prior to 5.10 Update 14 can lead to an unauthenticated remote attacker to p... | 5.4 - MEDIUM | 2022-10-18 | 2022-10-20 |
| CVE-2022-2330 json | Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows prior to 11.9.100 allows a re... | 6.5 - MEDIUM | 2022-08-30 | 2023-11-15 |
| CVE-2022-2313 json | A DLL hijacking vulnerability in the MA Smart Installer for Windows prior to 5.7.7, which allows local users to execute arbit... | 7.3 - HIGH | 2022-07-27 | 2023-11-07 |
| CVE-2022-2188 json | Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privilege... | 5.5 - MEDIUM | 2022-11-07 | 2023-11-07 |
| CVE-2022-1824 json | An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a loc... | 8.2 - HIGH | 2022-06-20 | 2023-11-15 |
| CVE-2022-1823 json | Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a l... | 7.8 - HIGH | 2022-06-20 | 2023-11-16 |
| CVE-2022-1258 json | A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an a... | 7.2 - HIGH | 2022-04-14 | 2023-11-15 |
| CVE-2022-1257 json | Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local use... | 5.5 - MEDIUM | 2022-04-14 | 2023-11-07 |
| CVE-2022-1256 json | A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system... | 7.8 - HIGH | 2022-04-14 | 2023-11-07 |
Known software with vulnerabilities from Mcafee
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Mcafee | Active Response | 1.0.0 |
| Application | Mcafee | Advanced Threat Defense | 3.10 |
| Application | Mcafee | Agent | - |
| Application | Mcafee | Anti-virus Plus | - |
| Application | Mcafee | Antispyware | - |
| Application | Mcafee | Antispyware Enterprise Module | 8.7.0.129 |
| Application | Mcafee | Antivirus Engine | - |
| Application | Mcafee | Application And Change Control | - |
| Application | Mcafee | Application Change Control | 6.2.0 |
| Application | Mcafee | Application Control | 5.1.0 |
| Application | Mcafee | Asap Virusscan | - |
| Application | Mcafee | Asset Baseline Monitor | 3.5.0 |
| Application | Mcafee | Asset Baseline Monitor Agent | 3.5.0 |
| Application | Mcafee | Asset Manager | 6.6 |
| Application | Mcafee | Change Control | 5.1.0 |
| Application | Mcafee | Client Proxy | 3.0.0 |
| Application | Mcafee | Cloud Analysis And Deconstructive Services | 1.0.0.3 |
| Application | Mcafee | Cloud Identity Manager | 3.0 |
| Application | Mcafee | Cloud Single Sign On | 4.0.0 |
| Application | Mcafee | Common Catalog | 2.0.0 |