Every CVE whose affected-product data names Mcafee Agent, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (25)
CVE-2018-6703 — CVSS 9.8 (critical): Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote…
CVE-2021-1257 — CVSS 8.8 (high): A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to…
CVE-2022-1258 — CVSS 8.4 (high): A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an authenticated…
CVE-2021-31847 — CVSS 8.2 (high): Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to…
CVE-2022-2313 — CVSS 8.2 (high): A DLL hijacking vulnerability in the MA Smart Installer for Windows prior to 5.7.7, which allows local users to execute arbitrary code and…
CVE-2018-6704 — CVSS 7.8 (high): Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform…
CVE-2022-1256 — CVSS 7.8 (high): A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges…
CVE-2018-6705 — CVSS 7.8 (high): Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform…
CVE-2022-0166 — CVSS 7.8 (high): A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify…
CVE-2021-31854 — CVSS 7.7 (high): A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into…
CVE-2019-3599 — CVSS 7.5 (high): Information Disclosure vulnerability in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote…
CVE-2018-6706 — CVSS 7.5 (high): Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to…
CVE-2019-3592 — CVSS 7.2 (high): Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 HF3, allows local administrator users to potentially disable some…
CVE-2022-1257 — CVSS 6.1 (medium): Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain…
CVE-2019-3613 — CVSS 5.9 (medium): DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code…
CVE-2019-1559 — CVSS 5.9 (medium): If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive…
CVE-2020-7253 — CVSS 5.7 (medium): Improper access control vulnerability in masvc.exe in McAfee Agent (MA) prior to 5.6.4 allows local users with administrator privileges to…
CVE-2020-7343 — CVSS 5.5 (medium): Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by…
CVE-2008-1357 — CVSS 5.4 (medium): Format string vulnerability in the logDetail function of applib.dll in McAfee Common Management Agent (CMA) 3.6.0.574 (Patch 3) and…
CVE-2019-3598 — CVSS 5.3 (medium): Buffer Access with Incorrect Length Value in McAfee Agent (MA) 5.x allows remote unauthenticated users to potentially cause a denial of…
CVE-2015-8987 — CVSS 5.3 (medium): Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier…
CVE-2016-3984 — CVSS 5.1 (medium): The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392…
CVE-2013-3627 — CVSS 5.0 (medium): FrameworkService.exe in McAfee Framework Service in McAfee Managed Agent (MA) before 4.5.0.1927 and 4.6 before 4.6.0.3258 allows remote…
CVE-2021-31839 — CVSS 4.8 (medium): Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a local user to modify event information in…
CVE-2018-6707 — CVSS 3.7 (low): Denial of Service through Resource Depletion vulnerability in the agent in non-Windows McAfee Agent (MA) 5.0.0 through 5.0.6, 5.5.0, and…