PT-2024-33109 · Mcafee · Mcafee Epo

Name of the Vulnerable Software and Affected Versions: McAfee ePO affected versions not specified Description: The issue concerns insecure direct object references, allowing a least privileged user to manipulate client tasks and client task assignments. This can lead to privilege escalation, as t...

CVE-2019-3595

Improper Neutralization of Special Elements used in a Command 'Command Injection' in ePO extension in McAfee Data Loss Prevention DLP 11.x prior to 11.3.0 allows Authenticated Adminstrator to execute arbitrary code with their local machine privileges via a specially crafted DLP policy, which is...

Code injection

Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters...

CVE-2017-3934

Missing HTTP Strict Transport Security state information vulnerability in the server in McAfee Network Data Loss Prevention NDLP 9.3.x allows man-in-the-middle attackers to expose confidential data via read files on the webserver...

CVE-2017-4014

Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote authenticated users to view, add, and remove users via modification of the HTTP request...

McAfee Subscription Manager ActiveX buffer overflow

Added: 08/25/2006 CVE: CVE-2006-3961 BID: 19265 OSVDB: 27698 Background McAfee Antivirus products access the McAfee Security Center product which allows users to set preferences and settings for numerous installed McAfee components and services. The Security Center includes a Subscription Manager...