Mcafee

Epolicy Orchestrator

86 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2021-23890

  • EPSS 0.72%
  • Published 26.03.2021 10:15:12
  • Last modified 21.11.2024 05:52:00

Information leak vulnerability in the Agent Handler of McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 allows an unauthenticated user to download McAfee product packages (specifically McAfee Agent) available in ePO repository and install th...

6.3

CVE-2021-23888

  • EPSS 0.5%
  • Published 26.03.2021 10:15:11
  • Last modified 21.11.2024 05:52:00

Unvalidated client-side URL redirect vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 could cause an authenticated ePO user to load an untrusted site in an ePO iframe which could steal information from the authenticated user...

7.5

CVE-2021-23840

  • EPSS 0.57%
  • Published 16.02.2021 17:15:13
  • Last modified 21.11.2024 05:51:55

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value ...

5.8

CVE-2020-14792

  • EPSS 0.16%
  • Published 21.10.2020 15:15:19
  • Last modified 27.05.2025 16:40:24

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthent...

4.3

CVE-2020-14782

  • EPSS 0.14%
  • Published 21.10.2020 15:15:18
  • Last modified 27.05.2025 16:40:51

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthe...

4.3

CVE-2020-7318

  • EPSS 12.52%
  • Published 14.10.2020 19:15:14
  • Last modified 21.11.2024 05:37:03

Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.

4.3

CVE-2020-7317

  • EPSS 0.14%
  • Published 14.10.2020 19:15:14
  • Last modified 21.11.2024 05:37:03

Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" not being correctly sanitsed.

5

CVE-2020-14621

  • EPSS 0.46%
  • Published 15.07.2020 18:15:27
  • Last modified 27.05.2025 16:33:09

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenti...

4.3

CVE-2020-14581

  • EPSS 0.39%
  • Published 15.07.2020 18:15:24
  • Last modified 27.05.2025 16:38:37

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated a...

4.3

CVE-2020-14579

  • EPSS 0.16%
  • Published 15.07.2020 18:15:23
  • Last modified 27.05.2025 16:36:39

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated att...