This page lists publicly disclosed CVE vulnerabilities affecting mcafee enterprise_security_manager (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2019-3644 | McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9517, potentially leading to a denial of service. This affects the scanning proxies. | [email protected] | 7.5 | 2.39% | 2019-09-11 | 2024-11-21 |
| CVE-2019-3643 | McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9511, potentially leading to a denial of service. This affects the scanning proxies. | [email protected] | 5.3 | 2.39% | 2019-09-11 | 2024-11-21 |
| CVE-2019-3632 | Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input. | [email protected] | 8.8 | 1.71% | 2019-06-27 | 2024-11-21 |
| CVE-2019-3631 | Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters. | [email protected] | 7.2 | 2.01% | 2019-06-27 | 2024-11-21 |
| CVE-2019-3630 | Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters. | [email protected] | 7.2 | 2.01% | 2019-06-27 | 2024-11-21 |
| CVE-2019-3629 | Application protection bypass vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows unauthenticated user to impersonate system users via specially crafted parameters. | [email protected] | 6.5 | 1.16% | 2019-06-27 | 2024-11-21 |
| CVE-2019-3628 | Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control. | [email protected] | 8.8 | 0.98% | 2019-06-27 | 2024-11-21 |
| CVE-2015-7704 | The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. | [email protected] | 7.5 | 10.95% | 2017-08-07 | 2026-05-13 |
| CVE-2015-7310 | McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename, which is not properly handled when downloading the file. | [email protected] | 6.5 | 1.13% | 2015-09-22 | 2026-05-06 |