Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Mcafee Subscribe
Filtered by product Data Loss Prevention Endpoint
Total 26 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-2758 1 Mcafee 1 Data Loss Prevention Endpoint 2016-12-02 6.5 MEDIUM N/A
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to obtain sensitive information, modify the database, or possibly have other unspecified impact via a crafted URL.
CVE-2015-2759 1 Mcafee 1 Data Loss Prevention Endpoint 2016-12-02 6.8 MEDIUM N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allow remote attackers to hijack the authentication of users for requests that (1) obtain sensitive information or (2) modify the database via unspecified vectors.
CVE-2016-3984 1 Mcafee 7 Active Response, Agent, Data Exchange Layer and 4 more 2016-05-18 3.6 LOW 5.1 MEDIUM
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.
CVE-2015-1616 1 Mcafee 1 Data Loss Prevention Endpoint 2015-02-18 6.5 MEDIUM N/A
SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors.
CVE-2015-1617 1 Mcafee 1 Data Loss Prevention Endpoint 2015-02-18 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-1618 1 Mcafee 1 Data Loss Prevention Endpoint 2015-02-18 4.0 MEDIUM N/A
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to obtain sensitive password information via a crafted URL.