Vulnerabilities (CVE)

Vendor filter

Mcafee Subscribe

Product filter

Web Gateway Subscribe

Filter

338 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-3652 1 Mcafee 1 Endpoint Security 2019-10-15 4.6
Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code injection into EPSetup.exe by an attacker with...
CVE-2019-3653 1 Mcafee 1 Endpoint Security 2019-10-15 2.1
Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool.
CVE-2019-3646 1 Mcafee 1 Total Protection 2019-10-09 6.0
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by an...
CVE-2019-3644 1 Mcafee 4 Active Response, Advanced Threat Defense, Enterprise Security Manager and 1 more 2019-10-09 5.0
McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9517, potentially leading to a denial of service. This affects the scanning proxies.
CVE-2019-3643 1 Mcafee 4 Active Response, Advanced Threat Defense, Enterprise Security Manager and 1 more 2019-10-09 5.0
McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9511, potentially leading to a denial of service. This affects the scanning proxies.
CVE-2019-3639 1 Mcafee 1 Web Gateway 2019-10-09 5.8
Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows remote attackers to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options...
CVE-2019-3638 1 Mcafee 1 Web Gateway 2019-10-09 4.3
Reflected Cross Site Scripting vulnerability in Administrators web console in McAfee Web Gateway (MWG) 7.8.x prior to 7.8.2.13 allows remote attackers to collect sensitive information or execute commands with the MWG administrator's credentials...
CVE-2019-3637 1 Mcafee 1 File And Removable Media Protection 2019-10-09 4.6
Privilege Escalation vulnerability in McAfee FRP 5.x prior to 5.1.0.209 allows local users to gain elevated privileges via running McAfee Tray with elevated privileges.
CVE-2019-3635 1 Mcafee 1 Web Gateway 2019-10-09 4.3
Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows attackers to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user accessing an iframe.
CVE-2019-3634 1 Mcafee 1 Data Loss Prevention Endpoint 2019-10-09 4.9
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via an encrypted message sent to DLPe which when decrypted results in DLPe reading...
CVE-2019-3633 1 Mcafee 1 Data Loss Prevention Endpoint 2019-10-09 4.9
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via a carefully constructed message sent to DLPe which bypasses DLPe internal checks...
CVE-2019-3632 1 Mcafee 1 Enterprise Security Manager 2019-10-09 6.5
Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input.
CVE-2019-3631 1 Mcafee 1 Enterprise Security Manager 2019-10-09 6.5
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
CVE-2019-3630 1 Mcafee 1 Enterprise Security Manager 2019-10-09 6.5
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
CVE-2019-3629 1 Mcafee 1 Enterprise Security Manager 2019-10-09 4.3
Application protection bypass vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows unauthenticated user to impersonate system users via specially crafted parameters.
CVE-2019-3628 1 Mcafee 1 Enterprise Security Manager 2019-10-09 6.5
Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control.
CVE-2019-3621 1 Mcafee 1 Data Loss Prevention Endpoint 2019-10-09 4.6
Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being...
CVE-2019-3615 1 Mcafee 1 Database Security 2019-10-09 2.1
Data Leakage Attacks vulnerability in the web interface in McAfee Database Security prior to the 4.6.6 March 2019 update allows local users to expose passwords via incorrectly auto completing password fields in the admin browser login screen.
CVE-2019-3610 1 Mcafee 1 True Key 2019-10-09 2.1
Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware.
CVE-2019-3606 1 Mcafee 1 Network Security Manager 2019-10-09 N/A
Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management (NSM) 9.1 < 9.1.7.75 (Update 4) and 9.2 < 9.2.7.31 Update2 allows administrators to view configuration information in plain...