Vulnerabilities (CVE)

Filtered by vendor Mcafee Subscribe
Filtered by product Enterprise Security Manager
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-3629 1 Mcafee 1 Enterprise Security Manager 2024-02-04 4.3 MEDIUM 6.5 MEDIUM
Application protection bypass vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows unauthenticated user to impersonate system users via specially crafted parameters.
CVE-2019-3644 1 Mcafee 4 Active Response, Advanced Threat Defense, Enterprise Security Manager and 1 more 2024-02-04 5.0 MEDIUM 7.5 HIGH
McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9517, potentially leading to a denial of service. This affects the scanning proxies.
CVE-2019-3630 1 Mcafee 1 Enterprise Security Manager 2024-02-04 6.5 MEDIUM 7.2 HIGH
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
CVE-2019-3628 1 Mcafee 1 Enterprise Security Manager 2024-02-04 6.5 MEDIUM 8.8 HIGH
Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control.
CVE-2019-3632 1 Mcafee 1 Enterprise Security Manager 2024-02-04 6.5 MEDIUM 8.8 HIGH
Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input.
CVE-2019-3631 1 Mcafee 1 Enterprise Security Manager 2024-02-04 6.5 MEDIUM 7.2 HIGH
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.
CVE-2019-3643 1 Mcafee 4 Active Response, Advanced Threat Defense, Enterprise Security Manager and 1 more 2024-02-04 5.0 MEDIUM 7.5 HIGH
McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9511, potentially leading to a denial of service. This affects the scanning proxies.
CVE-2015-7704 6 Citrix, Debian, Mcafee and 3 more 14 Xenserver, Debian Linux, Enterprise Security Manager and 11 more 2024-02-04 5.0 MEDIUM 7.5 HIGH
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
CVE-2015-7310 1 Mcafee 3 Enterprise Security Manager, Enterprise Security Manager\/log Manager, Enterprise Security Manager\/receiver 2024-02-04 6.5 MEDIUM N/A
McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename, which is not properly handled when downloading the file.