Lucene search
K

4264 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:8 a.m.10 views

CVE-2020-7297

Privilege Escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.1 allows authenticated user interface user to access protected dashboard data via improper access control in the user interface...

5.7CVSS6.7AI score0.00432EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:8 a.m.5 views

CVE-2020-7307

Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention DLP for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials...

5.2CVSS7.1AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:8 a.m.7 views

CVE-2020-7316

Unquoted service path vulnerability in McAfee File and Removable Media Protection FRP prior to 5.3.0 allows local users to execute arbitrary code, with higher privileges, via execution and from a compromised folder. This issue may result in files not being encrypted when a policy is triggered...

7.8CVSS7.3AI score0.00385EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:8 a.m.8 views

CVE-2020-7303

Cross Site scripting vulnerability in McAfee Data Loss Prevention DLP ePO extension prior to 11.5.3 allows authenticated remote user to trigger scripts to run in a user's browser via adding a new label...

4.1CVSS6.3AI score0.00436EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.8 views

CVE-2020-7317

Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator ePO prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" not being correctly sanitsed...

4.6CVSS6.1AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.9 views

CVE-2020-7300

Improper Authorization vulnerability in McAfee Data Loss Prevention DLP ePO extension prior to 11.5.3 allows authenticated remote attackers to change the configuration when logged in with view only privileges via carefully constructed HTTP post messages...

6.3CVSS6.8AI score0.00595EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.6 views

CVE-2020-7308

Cleartext Transmission of Sensitive Information between McAfee Endpoint Security ENS for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence GTI servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining...

6.5CVSS7.1AI score0.00509EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.7 views

CVE-2020-7258

Cross site scripting vulnerability in McAfee Network Security Management NSM Prior to 9.1 update 6 Mar 2020 Update allows attackers to unspecified impact via unspecified vectors...

4.8CVSS6.5AI score0.00517EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.11 views

CVE-2020-7294

Privilege Escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.1 allows authenticated user interface user to delete or download protected files via improper access controls in the REST interface...

4.6CVSS6.8AI score0.00389EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.16 views

CVE-2020-7339

Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and Sensors...

6.3CVSS6.8AI score0.00172EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.7 views

CVE-2020-7296

Privilege Escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface...

5.7CVSS6.7AI score0.00432EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.8 views

CVE-2020-7269

Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense ATD prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD instances are deploy...

4.9CVSS6.1AI score0.00726EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.10 views

CVE-2020-7252

Unquoted service executable path in DXL Broker in McAfee Data eXchange Layer DXL Framework 6.0.0 and earlier allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files...

5.5CVSS6.6AI score0.00504EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.6 views

CVE-2020-7270

Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense ATD prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD instances are deploy...

4.9CVSS6.1AI score0.00821EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.8 views

CVE-2020-7306

Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention DLP for Mac prior to 11.5.2 allows local users to gain access to the ADRMS username and password via unprotected log files containing plain text...

5.2CVSS7.1AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:50 a.m.8 views

CVE-2021-31848

Cross site scripting XSS vulnerability in McAfee Data Loss Prevention DLP ePO extension prior to 11.7.100 allows a remote attacker to highjack an active DLP ePO administrator session by convincing the logged in administrator to click on a carefully crafted link in the case management part of the...

8.4CVSS5.7AI score0.00786EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:50 a.m.8 views

CVE-2021-31840

A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid...

7.3CVSS7.2AI score0.00348EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:50 a.m.7 views

CVE-2021-31853

DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption MDE prior to 7.3.0 HF2 7.3.0.183 allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder...

7.8CVSS7.7AI score0.00191EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:50 a.m.9 views

CVE-2021-31844

A buffer overflow vulnerability in McAfee Data Loss Prevention DLP Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro .sam files onto the local system and triggering a DLP Endpoint scan...

8.2CVSS7.8AI score0.00364EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:50 a.m.10 views

CVE-2021-31849

SQL injection vulnerability in McAfee Data Loss Prevention DLP ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension...

8.4CVSS7.7AI score0.01044EPSS
Exploits0References1
Rows per page
Query Builder