Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-3621 | 2 Mcafee, Microsoft | 2 Data Loss Prevention Endpoint, Windows | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being locked or when the screen is locked. The attacker requires physical access to the machine. | |||||
| CVE-2019-3595 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2024-11-21 | 4.4 MEDIUM | 6.5 MEDIUM |
| Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP) 11.x prior to 11.3.0 allows Authenticated Adminstrator to execute arbitrary code with their local machine privileges via a specially crafted DLP policy, which is exported and opened on the their machine. In our checks, the user must explicitly allow the code to execute. | |||||
| CVE-2019-3591 | 2 Mcafee, Microsoft | 2 Data Loss Prevention Endpoint, Windows | 2024-11-21 | 4.3 MEDIUM | 3.9 LOW |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ePO extension in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows unauthenticated remote user to trigger specially crafted JavaScript to render in the ePO UI via a carefully crafted upload to a remote website which is correctly blocked by DLPe Web Protection. This would then render as an XSS when the DLP Admin viewed the event in the ePO UI. | |||||
| CVE-2018-6689 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than 11.0.600 allows attackers to bypass local security protection via specific conditions. | |||||
| CVE-2018-6683 | 2 Mcafee, Microsoft | 2 Data Loss Prevention Endpoint, Windows | 2024-11-21 | 4.6 MEDIUM | 7.4 HIGH |
| Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline. | |||||
| CVE-2018-6664 | 2 Mcafee, Microsoft | 2 Data Loss Prevention Endpoint, Windows | 2024-11-21 | 6.5 MEDIUM | 5.8 MEDIUM |
| Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility. | |||||