Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Mcafee, LLC — Vulnerabilities & Security Advisories 59

Browse all 59 CVE security advisories affecting Mcafee, LLC. AI-powered Chinese analysis, POCs, and references for each vulnerability.

McAfee, LLC operates primarily as a cybersecurity firm providing endpoint protection, data loss prevention, and threat intelligence services to enterprise and consumer markets. Its software portfolio, including antivirus and firewall solutions, has historically been susceptible to a range of critical vulnerabilities, with Remote Code Execution (RCE) and Cross-Site Scripting (XSS) representing the most prevalent classes among its 59 recorded Common Vulnerabilities and Exposures. These flaws often stemmed from improper input validation or insufficient access controls within its management consoles and agent components. Notable incidents include past exploits allowing attackers to bypass security policies or execute arbitrary code on compromised systems, highlighting risks associated with its privileged access management tools. While the company maintains rigorous patching protocols, the volume of disclosed CVEs underscores the complexity of securing its extensive suite of interconnected security products against evolving attack vectors.

Top products by Mcafee, LLC: McAfee Endpoint Security (ENS) McAfee Enterprise Security Manager (ESM) McAfee Agent (MA) McAfee Web Gateway (MWG) Data Loss Prevention (DLPe) for Windows McAfee VirusScan Enterprise (VSE) VirusScan Enterprise (VSE) McAfee Web Advisor (WA) McAfee Advanced Threat Defense (ATD) MVISION Endpoint ePO extension Endpoint Security for Windows McAfee Agent McAfee Host Intrusion Prevention System (Host IPS) for Windows Endpoint Security (ENS) for Window Mcafee Application and Change Control (MACC) McAfee Application and Change Control Data Exchange Layer (DXL) Broker Web Advisor (WA) McAfee TechCheck Endpoint Product Removal Tool McAfee Total Protection - Free Antivirus Trial McAfee FRP McAfee ePolicy Orchestrator (ePO) Total Protection (ToPS) for Mac OS Data eXchange Layer (DXL) Platform True Key (TK) ePolicy Orchestrator Cloud McAfee Network Security Manager (NSM) DLP Endpoint ePO extension Total Protection (MTP)
CVE IDTitleCVSSSeverityPublished
CVE-2019-3643 MWG scanners updated to address CVE-2019-9511 — McAfee Web Gateway (MWG) 5.3 Medium2019-09-11
CVE-2019-3634 Buffer overflow in DLP Endpoint for Windows — Data Loss Prevention (DLPe) for Windows 5.5 -2019-08-21
CVE-2019-3633 Buffer overflow in DLP Endpoint for Windows — Data Loss Prevention (DLPe) for Windows 5.5 -2019-08-21
CVE-2019-3637 Privilege Escalation vulnerability in FRP 5.x earlier than 5.1.0.209 — McAfee FRPCWE-264 7.8 -2019-08-14
CVE-2019-3639 MWG UI: Cross-Frame Scripting vulnerability — McAfee Web Gateway (MWG) 5.4 -2019-08-14
CVE-2019-3635 MWG Proxy: Cross-Frame Scripting vulnerability — McAfee Web Gateway (MWG) 6.5 -2019-08-14
CVE-2019-3621 DLP Endpoint Windows lock screen bypass with physical access — Data Loss Prevention (DLPe) for Windows 6.8 -2019-07-25
CVE-2019-3622 DLP Endpoint log file redirection to arbitrary locations — Data Loss Prevention (DLPe) for WindowsCWE-552 8.8 -2019-07-24
CVE-2019-3591 DLP Endpoint ePO extension vulnerable to XSS — Data Loss Prevention ePO extension 6.1 -2019-07-24
CVE-2019-3595 DLP Endpoint ePO extension not sanitizing CSV exports — DLP Endpoint ePO extensionCWE-78 6.5 -2019-07-24
CVE-2019-3592 MA for Windows update addresses weak directory permissions — McAfee Agent (MA) 6.7 -2019-07-18
CVE-2019-3619 McAfee ePolicy Orchestrator 信息泄露漏洞 — McAfee ePolicy Orchestrator (ePO) 7.5 -2019-07-03
CVE-2019-3632 Directory Traversal vulnerability could lead to elevated privileges — McAfee Enterprise Security Manager (ESM) 8.8 -2019-06-27
CVE-2019-3631 Command Injection could allow authenticated users to execute arbitrary code — McAfee Enterprise Security Manager (ESM) 7.2 -2019-06-27
CVE-2019-3630 Command Injection could allow authenticated users to execute arbitrary code — McAfee Enterprise Security Manager (ESM) 7.2 -2019-06-27
CVE-2019-3629 Application protections bypass vulnerability could allow unauthenticated user to impersonate system users — McAfee Enterprise Security Manager (ESM) 7.5 -2019-06-27
CVE-2019-3628 Privilege escalation could allow authenticated user to gain access to a core system — McAfee Enterprise Security Manager (ESM) 8.8 -2019-06-27
CVE-2019-3586 McAfee Endpoint Security firewall not always acting on GTI lookup results — McAfee Endpoint Security (ENS)CWE-693 4.7 -2019-05-15
CVE-2019-3602 Cross site scripting vulnerability in McAfee NSM impacting authenticated users — McAfee Network Security Manager (NSM) 4.8 -2019-05-15
CVE-2019-3612 Information disclosure vulnerability in McAfee TIE Server and DXL Platform — Data eXchange Layer (DXL) Platform 5.5 -2019-04-10
CVE-2019-3582 McAfee Endpoint Security updates fix a privilege escalation vulnerability — McAfee Endpoint Security (ENS) 7.8 -2019-02-28
CVE-2019-3599 McAfee Agent update fixes an Information Disclosure vulnerability — McAfee Agent (MA) 7.5 -2019-02-28
CVE-2019-3598 McAfee Agent update fixes a vulnerability in handling UDP requests — McAfee Agent (MA) 7.5 -2019-02-28
CVE-2018-6687 GetSusp (a free McAfee tool) update fixes an infinite loop vulnerability (CVE-2018-6687) — McAfee GetSusp (GetSusp) 5.5 -2019-02-21
CVE-2019-3610 True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability — True Key (TK) 5.5 -2019-02-13
CVE-2019-3604 ePolicy Orchestrator Cloud update fixes multiple Cross-Site Request Forgery vulnerabilities — ePolicy Orchestrator Cloud 8.8 -2019-02-01
CVE-2019-3593 Exploitation of Privilege/Trust vulnerability — Total Protection (MTP) 7.1 -2019-01-28
CVE-2018-6703 Remote Logging functionality had a use after free vulnerability in McAfee Agent — McAfee Agent 9.8 -2018-12-11
CVE-2018-6674 Privilege escalation vulnerability in McAfee VSE when McTray run with elevated privileges — VirusScan Enterprise (VSE)CWE-264 5.1 -2018-05-25

This page lists every published CVE security advisory associated with Mcafee, LLC. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.