Data Loss Prevention Endpoint Security Vulnerabilities and Issues — Data Loss Prevention Endpoint CVE List

Lucene search

McafeeData Loss Prevention Endpoint

8 matches found

CVE•added 2019/07/24 3:15 p.m.•120 views

CVE-2019-3591

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ePO extension in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows unauthenticated remote user to trigger specially crafted JavaScript to render in the ePO UI via a carefully crafted upl...

6.1CVSS5.5AI score0.00312EPSS

CVE•added 2019/07/24 3:15 p.m.•119 views

CVE-2019-3595

Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP) 11.x prior to 11.3.0 allows Authenticated Adminstrator to execute arbitrary code with their local machine privileges via a specially crafted DLP policy, which is...

6.5CVSS6.1AI score0.00192EPSS

CVE•added 2019/07/25 5:15 p.m.•51 views

CVE-2019-3621

Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being locked or when the screen is locked. The attacker require...

6.8CVSS6.5AI score0.00063EPSS

CVE•added 2015/03/27 2:59 p.m.•49 views

CVE-2015-2758

The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to obtain sensitive information, modify the database, or possibly have other unspecified impact via a crafted URL.

6.5CVSS6.6AI score0.00391EPSS

CVE•added 2022/08/30 8:15 a.m.•47 views

CVE-2022-2330

Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows prior to 11.9.100 allows a remote attacker to cause the DLP Agent to access a local service that the attacker wouldn't usually have access to via a carefully constructed XML file, which the DLP Agent doe...

6.5CVSS6.4AI score0.00121EPSS

CVE•added 2015/02/06 3:59 p.m.•46 views

CVE-2015-1305

McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018 IOCTL call.

6.9CVSS6.6AI score0.00573EPSS

CVE•added 2015/02/17 3:59 p.m.•43 views

CVE-2015-1616

SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors.

6.5CVSS8.1AI score0.00311EPSS

CVE•added 2015/03/27 2:59 p.m.•40 views

CVE-2015-2759

Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allow remote attackers to hijack the authentication of users for requests that (1) obtain sensitive information or (2) modify the d...

6.8CVSS7.1AI score0.00116EPSS