Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee data loss prevention endpoint vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-2330
Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows before 11.9.100 allows a remote malicious user to cause the DLP Agent to access a local service that the attacker wouldn't usually have access to via a carefully constructed XML f...
Mcafee Data Loss Prevention Endpoint
6.1
CVSSv3
CVE-2021-31848
Cross site scripting (XSS) vulnerability in McAfee Data Loss Prevention (DLP) ePO extension before 11.7.100 allows a remote malicious user to highjack an active DLP ePO administrator session by convincing the logged in administrator to click on a carefully crafted link in the cas...
Mcafee Data Loss Prevention Endpoint
7.2
CVSSv3
CVE-2021-31849
SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension before 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension.
Mcafee Data Loss Prevention Endpoint
7.3
CVSSv3
CVE-2021-31844
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows before 11.6.200 allows a local malicious user to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggeri...
Mcafee Data Loss Prevention Endpoint
4.8
CVSSv3
CVE-2021-31832
Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention (DLP) Endpoint for Windows before 11.6.200 allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This JavaScript will be executed...
Mcafee Data Loss Prevention
7.8
CVSSv3
CVE-2021-23887
Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows before 11.6.100 allows a local, low privileged, malicious user to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying th...
Mcafee Data Loss Prevention Endpoint
5.5
CVSSv3
CVE-2021-23886
Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows before 11.6.100 allows a local, low privileged, malicious user to cause a BSoD through suspending a process, modifying the processes memory and restarting it. This is triggered by the hdlpho...
Mcafee Data Loss Prevention Endpoint
5.5
CVSSv3
CVE-2019-3633
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x before 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via a carefully constructed message sent to DLPe which bypasses DLPe internal checks and results in DLPe readi...
Mcafee Data Loss Prevention Endpoint
5.5
CVSSv3
CVE-2019-3634
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x before 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory.
Mcafee Data Loss Prevention Endpoint
6.2
CVSSv3
CVE-2019-3621
Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x before 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being locked or when the screen is locked. The...
Mcafee Data Loss Prevention Endpoint
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »