Mcafee Data_loss_prevention_endpoint
26 CVEs affecting Mcafee Data_loss_prevention_endpoint. Latest disclosed: 2022-08-30. Critical: 0, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-31849 | High | 8.4 | 2021-11-01 | SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator t… |
CVE-2021-31848 | High | 8.4 | 2021-11-01 | Cross site scripting (XSS) vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker to highjack an active DL… |
CVE-2021-31844 | High | 8.2 | 2021-09-17 | A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code w… |
CVE-2019-3622 | High | 8.2 | 2019-07-24 | Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows authenticated user to redirec… |
CVE-2021-23887 | High | 7.8 | 2021-04-15 | Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to writ… |
CVE-2018-6689 | High | 7.8 | 2018-10-03 | Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than 11.0.600 allows attack… |
CVE-2016-8012 | High | 7.8 | 2017-03-14 | Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute perm… |
CVE-2018-6683 | High | 7.4 | 2018-07-23 | Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and… |
CVE-2019-3621 | Medium | 6.8 | 2019-07-25 | Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local user to bypass the… |
CVE-2022-2330 | Medium | 6.5 | 2022-08-30 | Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows prior to 11.9.100 allows a remote attacker to cause the DLP Age… |
CVE-2019-3595 | Medium | 6.5 | 2019-07-24 | Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP) 11.x prior to 11.3.0… |
CVE-2018-6664 | Medium | 5.8 | 2018-05-25 | Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.40… |
CVE-2021-23886 | Medium | 5.5 | 2021-04-15 | Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a… |
CVE-2019-3634 | Medium | 5.5 | 2019-08-21 | Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue scree… |
CVE-2019-3633 | Medium | 5.5 | 2019-08-21 | Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue scree… |
CVE-2017-3948 | Medium | 5.4 | 2017-06-23 | Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x allows authenticated users to inject… |
CVE-2016-3984 | Medium | 5.1 | 2016-04-08 | The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exch… |
CVE-2019-3591 | Low | 3.9 | 2019-07-24 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ePO extension in McAfee Data Loss Prevention (DLPe) for Windows 11.x pr… |
CVE-2015-2760 | | 2015-03-27 | Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows re… | |
CVE-2015-2759 | | 2015-03-27 | Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9… |