Filtered by vendor Mcafee
Subscriptions
Total
603 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-3946 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-08-02 | 5.4 Medium |
A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 SP1 Update 1allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to limited access to sensitive information and limited ability to alter some information in ePO. | ||||
CVE-2023-0978 | 2 Mcafee, Trellix | 2 Advanced Threat Defense, Intelligent Sandbox | 2024-08-02 | 6.4 Medium |
A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI command. The vulnerability allows the attack | ||||
CVE-2023-0221 | 1 Mcafee | 1 Application And Change Control | 2024-08-02 | 4.4 Medium |
Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program. |