Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee data loss prevention vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-4088
SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x before 11.8.100, 11.7.x before 11.7.101, and 11.6.401 allows a remote authenticated malicious user to inject unfiltered SQL into the DLP part of the ePO database. This could lead to remote code executi...
Mcafee Data Loss Prevention
Mcafee Data Loss Prevention 11.6.401
6.5
CVSSv2
CVE-2021-31849
SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension before 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension.
Mcafee Data Loss Prevention Endpoint
3.5
CVSSv2
CVE-2021-31848
Cross site scripting (XSS) vulnerability in McAfee Data Loss Prevention (DLP) ePO extension before 11.7.100 allows a remote malicious user to highjack an active DLP ePO administrator session by convincing the logged in administrator to click on a carefully crafted link in the cas...
Mcafee Data Loss Prevention Endpoint
4.6
CVSSv2
CVE-2021-31844
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows before 11.6.200 allows a local malicious user to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggeri...
Mcafee Data Loss Prevention Endpoint
6
CVSSv2
CVE-2021-31845
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Discover before 11.6.100 allows an attacker in the same network as the DLP Discover to execute arbitrary code through placing carefully constructed Ami Pro (.sam) files onto a machine and having DLP Discover sca...
Mcafee Data Loss Prevention Discover
3.5
CVSSv2
CVE-2021-31832
Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention (DLP) Endpoint for Windows before 11.6.200 allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This JavaScript will be executed...
Mcafee Data Loss Prevention
4.9
CVSSv2
CVE-2021-23886
Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows before 11.6.100 allows a local, low privileged, malicious user to cause a BSoD through suspending a process, modifying the processes memory and restarting it. This is triggered by the hdlpho...
Mcafee Data Loss Prevention Endpoint
7.2
CVSSv2
CVE-2021-23887
Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows before 11.6.100 allows a local, low privileged, malicious user to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying th...
Mcafee Data Loss Prevention Endpoint
4.6
CVSSv2
CVE-2020-7346
Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows before 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker's choosing. This requires the creation and removal of j...
Mcafee Data Loss Prevention
2.1
CVSSv2
CVE-2020-7307
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac before 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials.
Mcafee Data Loss Prevention
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »