cbcvebase.

Mcafee Data Loss Prevention Endpoint vulnerabilities

26 known vulnerabilities affecting mcafee/data_loss_prevention_endpoint.

Total CVEs
26
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH8MEDIUM16LOW2

Vulnerabilities

Page 2 of 2
CVE-2019-3634P4MEDIUMCVSS 5.5≥ 11.3.0, < 11.3.2.822019-08-21
CVE-2019-3634 [MEDIUM] CWE-119 CVE-2019-3634: Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows loca Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory.
nvd
CVE-2021-23886P4MEDIUMCVSS 5.5fixed in 11.6.100.412021-04-15
CVE-2021-23886 [MEDIUM] CWE-755 CVE-2021-23886: Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 1 Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modifying the processes memory and restarting it. This is triggered by the hdlphook driver reading invalid memory.
nvd
CVE-2015-1618P4MEDIUMCVSS 4.0≤ 9.3.3002015-02-17
CVE-2015-1618 [MEDIUM] CWE-200 CVE-2015-1618: The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authen The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to obtain sensitive password information via a crafted URL.
nvd
CVE-2015-2757P4MEDIUMCVSS 4.0≤ 9.3.4002015-03-27
CVE-2015-2757 [MEDIUM] CWE-399 CVE-2015-2757: The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.4 The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to cause a denial of service (database lock or license corruption) via unspecified vectors.
nvd
CVE-2015-1617P4LOWCVSS 3.5≤ 9.3.3002015-02-17
CVE-2015-1617 [LOW] CWE-79 CVE-2015-1617: Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoin Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2015-2760P4LOWCVSS 3.5≤ 9.3.4002015-03-27
CVE-2015-2760 [LOW] CWE-79 CVE-2015-2760: Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoin Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
nvd