Mcafee Data Loss Prevention Endpoint — known CVE vulnerabilities
Every CVE whose affected-product data names Mcafee Data Loss Prevention Endpoint, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (26)
CVE-2021-31849 — CVSS 8.4 (high): SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO…
CVE-2021-31848 — CVSS 8.4 (high): Cross site scripting (XSS) vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker to…
CVE-2019-3622 — CVSS 8.2 (high): Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows…
CVE-2021-31844 — CVSS 8.2 (high): A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to…
CVE-2016-8012 — CVSS 7.8 (high): Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with…
CVE-2021-23887 — CVSS 7.8 (high): Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low…
CVE-2018-6689 — CVSS 7.8 (high): Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than…
CVE-2018-6683 — CVSS 7.4 (high): Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions…
CVE-2015-1305 — CVSS 6.9 (medium): McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain…
CVE-2015-2759 — CVSS 6.8 (medium): Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3…
CVE-2019-3621 — CVSS 6.8 (medium): Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local…
CVE-2022-2330 — CVSS 6.5 (medium): Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows prior to 11.9.100 allows a remote attacker…
CVE-2019-3595 — CVSS 6.5 (medium): Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP)…
CVE-2015-2758 — CVSS 6.5 (medium): The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users…
CVE-2015-1616 — CVSS 6.5 (medium): SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated…
CVE-2018-6664 — CVSS 5.8 (medium): Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP…
CVE-2019-3634 — CVSS 5.5 (medium): Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating…
CVE-2019-3633 — CVSS 5.5 (medium): Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating…
CVE-2021-23886 — CVSS 5.5 (medium): Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged…
CVE-2017-3948 — CVSS 5.4 (medium): Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x allows…
CVE-2016-3984 — CVSS 5.1 (medium): The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392…
CVE-2015-1618 — CVSS 4.0 (medium): The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to obtain sensitive…
CVE-2015-2757 — CVSS 4.0 (medium): The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users…
CVE-2019-3591 — CVSS 3.9 (low): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ePO extension in McAfee Data Loss Prevention (DLPe)…
CVE-2015-2760 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16…
CVE-2015-1617 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote…