Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-13230

Malware in sbrugna...

6.5CVSS4.1AI score0.00711EPSS
Exploits0References3
Prion
Prion
added 2021/06/09 2:15 p.m.29 views

Input validation

Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention DLP Endpoint for Windows prior to 11.6.200 allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This JavaScript will be executed when an end user...

3.5CVSS5.1AI score0.00503EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/07/24 3:15 p.m.21 views

CVE-2019-3595

Improper Neutralization of Special Elements used in a Command 'Command Injection' in ePO extension in McAfee Data Loss Prevention DLP 11.x prior to 11.3.0 allows Authenticated Adminstrator to execute arbitrary code with their local machine privileges via a specially crafted DLP policy, which is...

6.5CVSS6.1AI score0.00711EPSS
Exploits0References2
Prion
Prion
added 2019/07/24 3:15 p.m.17 views

Command injection

Improper Neutralization of Special Elements used in a Command 'Command Injection' in ePO extension in McAfee Data Loss Prevention DLP 11.x prior to 11.3.0 allows Authenticated Adminstrator to execute arbitrary code with their local machine privileges via a specially crafted DLP policy, which is...

4.4CVSS5AI score0.00711EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/07/24 2:28 p.m.17 views

CVE-2019-3595 DLP Endpoint ePO extension not sanitizing CSV exports

Improper Neutralization of Special Elements used in a Command 'Command Injection' in ePO extension in McAfee Data Loss Prevention DLP 11.x prior to 11.3.0 allows Authenticated Adminstrator to execute arbitrary code with their local machine privileges via a specially crafted DLP policy, which is...

2CVSS6.8AI score0.00711EPSS
Exploits0References2
NVD
NVD
added 2018/07/23 3:29 p.m.15 views

CVE-2018-6683

Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention DLP for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline...

7.4CVSS7AI score0.00303EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/03 12:0 a.m.2 views

Trend Micro Threat Discovery Appliance Arbitrary Code Execution Vulnerability (CNVD-2017-06837)

The Trend Micro Threat Discovery Appliance TDA is a threat discovery appliance with integrated cloud security technology from Trend Micro. The appliance provides detection of malicious activity at the network layer, threat management services, and threat analysis and reporting. A security...

7.3CVSS7.5AI score0.0245EPSS
Exploits5References1
OSV
OSV
added 2017/04/28 7:59 p.m.1 views

CVE-2016-8587

dlppolicyupload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via an archive file containing a symlink to /engptnstores/prod/sensorSDK/data/ or /engptnstores/prod/sensorSDK/backuppol/...

7.3CVSS6.1AI score0.0245EPSS
Exploits5References2
NVD
NVD
added 2015/03/26 2:59 p.m.14 views

CVE-2015-2747

Multiple cross-site scripting XSS vulnerabilities in the data loss prevention DLP incident Forensics Preview in Websense Triton 7.8.3 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via a crafted 1 email or 2 HTTP request, which triggers a DLP Policy...

4.3CVSS5.7AI score0.01923EPSS
Exploits1References4
Prion
Prion
added 2015/03/26 2:59 p.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the data loss prevention DLP incident Forensics Preview in Websense Triton 7.8.3 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via a crafted 1 email or 2 HTTP request, which triggers a DLP Policy...

4.3CVSS6AI score0.01923EPSS
Exploits1References4Affected Software2
Cvelist
Cvelist
added 2015/03/26 2:0 p.m.21 views

CVE-2015-2747

Multiple cross-site scripting XSS vulnerabilities in the data loss prevention DLP incident Forensics Preview in Websense Triton 7.8.3 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via a crafted 1 email or 2 HTTP request, which triggers a DLP Policy...

5.7AI score0.01923EPSS
Exploits1References4
Rows per page
Query Builder