mcafee inc.

Top products

The 15 most recently published vulnerabilities affecting mcafee inc..

• CVE-2024-49592Trial installer for McAfee Total Protection (legacy trial installer software) 16.0.53 allows local privilege escalation because of an Uncontrolled Search Path Element. The attacker could be "an adv...6.7Nov 15, 2024
• CVE-2024-34406Improper exception handling in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to cause a denial of service through the use of a malformed deep link.5.3Jun 11, 2024
• CVE-2024-34405Improper deep link validation in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to launch an arbitrary URL within the app.9.1Jun 11, 2024
• CVE-2023-40352McAfee Safe Connect before 2.16.1.126 may allow an adversary with system privileges to achieve privilege escalation by loading arbitrary DLLs.7.2Aug 21, 2023
• CVE-2023-25134McAfee Total Protection prior to 16.0.50 may allow an adversary (with full administrative access) to modify a McAfee specific Component Object Model (COM) in the Windows Registry. This can result i...6.7Mar 21, 2023
• CVE-2023-24579McAfee Total Protection prior to 16.0.51 allows attackers to trick a victim into uninstalling the application via the command prompt.5.5Mar 13, 2023
• CVE-2023-24578McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enable a user with lower privileges to execute unauthorized tasks.5.5Mar 13, 2023
• CVE-2023-24577McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys. This could enable a user with lower privileges to execute una...5.5Mar 13, 2023
• BDU:2022-06571Уязвимость антивирусного программного средства McAfee Web Reporter Premium, существующая из-за недостаточного ограничения доступа к сервлетам invoker/EJBInvokerServlet и invoker/JMXInvokerServlet, позволяющая нарушителю выполнить произвольный Java-код8.8Nov 2, 2022
• CVE-2022-37025An improper privilege management vulnerability in McAfee Security Scan Plus (MSS+) before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land...7.8Aug 18, 2022
• CVE-2022-2313DLL high jacking in Trellix Agent8.2Jul 27, 2022
• CVE-2022-1257Improper Verification of Cryptographic Signature by McAfee Agent6.1Apr 14, 2022
• CVE-2022-1258SQL injection vulnerability in McAfee Agent's ePO extension8.4Apr 14, 2022
• CVE-2022-1256Improper Privilege Management in McAfee Agent for Windows7.8Apr 14, 2022
• CVE-2022-0280McAfee Total Protection (MTP) - File Deletion vulnerability7.5Mar 10, 2022