Check CVE Id
Check CWE Id
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
(Improper Neutralization of Special Elements used in a Command ('Command Injection'))
Enterprise security manager
CVSS Base Score
Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool.
Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code injection into EPSetup.exe by an attacker with acc...
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by an attacker...
Reflected Cross Site Scripting vulnerability in Administrators web console in McAfee Web Gateway (MWG) 7.8.x prior to 220.127.116.11 allows remote attackers to collect sensitive information or execute commands with the MWG administrator's credentials via t...
McAfee Web Gateway (MWG) earlier than 18.104.22.168 is vulnerable to a remote attacker exploiting CVE-2019-9517, potentially leading to a denial of service. This affects the scanning proxies.
McAfee Web Gateway (MWG) earlier than 22.214.171.124 is vulnerable to a remote attacker exploiting CVE-2019-9511, potentially leading to a denial of service. This affects the scanning proxies.
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 126.96.36.199 allows local user to cause the Windows operating system to "blue screen" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unall...
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 188.8.131.52 allows local user to cause the Windows operating system to "blue screen" via a carefully constructed message sent to DLPe which bypasses DLPe internal checks and...
Back to Top