4264 matches found
CVE-2021-31841
A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the ability to execute...
CVE-2021-31854
A command Injection Vulnerability in McAfee Agent MA for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the...
CVE-2021-31845
A buffer overflow vulnerability in McAfee Data Loss Prevention DLP Discover prior to 11.6.100 allows an attacker in the same network as the DLP Discover to execute arbitrary code through placing carefully constructed Ami Pro .sam files onto a machine and having DLP Discover scan it, leading to...
CVE-2021-31847
Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user,...
CVE-2022-0166
A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR variable as a subdirectory within the installation directory. A low privilege user could have created subdirectories and executed arbitrary cod...
CVE-2022-0129
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library DLL gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process wa...
CVE-2020-7284
Exposure of Sensitive Information in McAfee Network Security Management NSM prior to 10.1.7.7 allows local users to gain unauthorised access to the root account via execution of carefully crafted commands from the restricted command line interface CLI...
CVE-2020-7330
Privilege Escalation vulnerability in McAfee Total Protection MTP trial prior to 4.0.176.1 allows local users to schedule tasks which call malicious software to execute with elevated privileges via editing of environment variables...
CVE-2020-7293
Privilege Escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.1 allows authenticated user interface user with low permissions to change the system's root password via improper access controls in the user interface...
CVE-2020-7298
Unexpected behavior violation in McAfee Total Protection MTP prior to 16.0.R26 allows local users to turn off real time scanning via a specially crafted object making a specific function call...
CVE-2020-7335
Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection MTP prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by creating a junction link. This exploits a lack of protection through a timing issue and is only...
CVE-2020-7281
Privilege Escalation vulnerability in McAfee Total Protection MTP prior to 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious...
CVE-2020-7304
Cross site request forgery vulnerability in McAfee Data Loss Prevention DLP ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label...
CVE-2013-6349
McAfee Email Gateway MEG 7.0 before 7.0.4 and 7.5 before 7.5.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors...
EUVD-2020-28436
Malware in sbrugna...
EUVD-2021-10809
Malware in sbrugna...
EUVD-2020-28386
Malware in sbrugna...
EUVD-2006-6457
Malware in sbrugna...
EUVD-2015-3109
Malware in sbrugna...
EUVD-2020-28464
Malware in sbrugna...