Mcafee Data Loss Prevention Endpoint vulnerabilities

26 known vulnerabilities affecting mcafee/data_loss_prevention_endpoint.

Total CVEs
26
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH8MEDIUM16LOW2

Vulnerabilities

Page 2 of 2
CVE-2015-2758MEDIUMCVSS 6.5≤ 9.3.4002015-03-27
CVE-2015-2758 [MEDIUM] CWE-264 CVE-2015-2758: The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.4 The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to obtain sensitive information, modify the database, or possibly have other unspecified impact via a crafted URL.
nvd
CVE-2015-2760LOWCVSS 3.5≤ 9.3.4002015-03-27
CVE-2015-2760 [LOW] CWE-79 CVE-2015-2760: Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoin Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2015-1616MEDIUMCVSS 6.5≤ 9.3.3002015-02-17
CVE-2015-1616 [MEDIUM] CWE-89 CVE-2015-1616: SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) befo SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors.
nvd
CVE-2015-1618MEDIUMCVSS 4.0≤ 9.3.3002015-02-17
CVE-2015-1618 [MEDIUM] CWE-200 CVE-2015-1618: The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authen The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to obtain sensitive password information via a crafted URL.
nvd
CVE-2015-1617LOWCVSS 3.5≤ 9.3.3002015-02-17
CVE-2015-1617 [LOW] CWE-79 CVE-2015-1617: Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoin Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2015-1305MEDIUMCVSS 6.9PoC≤ 9.3.3002015-02-06
CVE-2015-1305 [MEDIUM] CWE-264 CVE-2015-1305: McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018 IOCTL call.
nvd
← Previous2 / 2