Mcafee

Epolicy Orchestrator

86 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2021-23890

  • EPSS 0.72%
  • Veröffentlicht 26.03.2021 10:15:12
  • Zuletzt bearbeitet 21.11.2024 05:52:00

Information leak vulnerability in the Agent Handler of McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 allows an unauthenticated user to download McAfee product packages (specifically McAfee Agent) available in ePO repository and install th...

6.3

CVE-2021-23888

  • EPSS 0.5%
  • Veröffentlicht 26.03.2021 10:15:11
  • Zuletzt bearbeitet 21.11.2024 05:52:00

Unvalidated client-side URL redirect vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 could cause an authenticated ePO user to load an untrusted site in an ePO iframe which could steal information from the authenticated user...

7.5

CVE-2021-23840

  • EPSS 0.57%
  • Veröffentlicht 16.02.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:51:55

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value ...

5.8

CVE-2020-14792

  • EPSS 0.16%
  • Veröffentlicht 21.10.2020 15:15:19
  • Zuletzt bearbeitet 27.05.2025 16:40:24

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthent...

4.3

CVE-2020-14782

  • EPSS 0.14%
  • Veröffentlicht 21.10.2020 15:15:18
  • Zuletzt bearbeitet 27.05.2025 16:40:51

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthe...

4.3

CVE-2020-7318

  • EPSS 12.52%
  • Veröffentlicht 14.10.2020 19:15:14
  • Zuletzt bearbeitet 21.11.2024 05:37:03

Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.

4.3

CVE-2020-7317

  • EPSS 0.14%
  • Veröffentlicht 14.10.2020 19:15:14
  • Zuletzt bearbeitet 21.11.2024 05:37:03

Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" not being correctly sanitsed.

5

CVE-2020-14621

  • EPSS 0.46%
  • Veröffentlicht 15.07.2020 18:15:27
  • Zuletzt bearbeitet 27.05.2025 16:33:09

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenti...

4.3

CVE-2020-14581

  • EPSS 0.39%
  • Veröffentlicht 15.07.2020 18:15:24
  • Zuletzt bearbeitet 27.05.2025 16:38:37

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated a...

4.3

CVE-2020-14579

  • EPSS 0.16%
  • Veröffentlicht 15.07.2020 18:15:23
  • Zuletzt bearbeitet 27.05.2025 16:36:39

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated att...