Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Data loss prevention'
2022-01-24
CVE-2021-4088
CWE-89
SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x prior to 11.8.100, 11.7.x prior to 11.7.101, and 11.6.401 allows a remote authenticated attacker to inject unfiltered SQL into the DLP part of the ePO database. This could lead to remote code execution on the ePO server with privilege escalation.
2021-03-23
CVE-2020-7346
CWE-269
Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker's choosing. This requires the creation and removal of junctions by the attacker along with sending a specific IOTL command at the correct time.
2020-08-13
CVE-2020-7307
CWE-522
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials.
CVE-2020-7303
CWE-79
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote user to trigger scripts to run in a user's browser via adding a new label.
CVE-2020-7302
CWE-434
Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management section via lack of sanity checking.
2020-08-12
CVE-2020-7301
CWE-79
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to trigger alerts via the file upload tab in the DLP case management section.
CVE-2020-7300
CWE-863
Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attackers to change the configuration when logged in with view only privileges via carefully constructed HTTP post messages.
2019-11-14
CVE-2019-3640
CWE-522
Unprotected Transport of Credentials in ePO extension in McAfee Data Loss Prevention 11.x prior to 11.4.0 allows remote attackers with access to the network to collect login details to the LDAP server via the ePO extension not using a secure connection when testing LDAP connectivity.
>>>
Vendor:
Mcafee
136
Products
Virusscan
Webshield smtp
Remote desktop 32
E-business server
Asap virusscan
Epolicy orchestrator
Entercept agent
Antivirus engine
Freescan
Security installer control system
Internet security suite
Intrushield security management system
Epolicy orchestrator agent
Antispyware
Mcinsctl.dll
Virusscan security center
Common management agent
Virusscan enterprise
Virex
Asset manager
Personal firewall plus
Privacy service
Quickclean
Security center
Spamkiller
Wireless home network security
Enterprise security manager
Scan engine
Protectionpilot
Network agent
Endpoint security
Neotrace
Visual trace
Securitycenter agent
Internet security
Agent
CMA
Mcafee framework
Encrypted usb manager
Safeboot device encryption
Active virus defense
Active virusscan
Email gateway
Securityshield for email servers
Securityshield for microsoft isa server
Securityshield for microsoft sharepoint
Total protection
Total protection for endpoint
Virusscan commandline
Virusscan plus
Virusscan usb
Groupshield
Gateway
Smartfilter
Email and web security appliance
Intrushield network security manager
Anti-virus plus
Web gateway
Secure mail
Unified threat management firewall firmware
Data loss prevention
Saas endpoint protection
Linuxshield
Host data loss prevention
Firewall reporter
Email and web security
Enterprise mobility manager
Enterprise mobility manager agent
Application control
Change control
Mcafee virtual technician
Epo mcafee virtual technician
Total protection 2010
Vulnerability manager
Superscan
Cloud identity manager
Cloud single sign on
Network security manager
Network data loss prevention
Endpoint encryption for files and folders
Mcafee file and removable media protection
File and removable media protection
Data loss prevention endpoint
Mcafee agent
Advanced threat defense
Epo deep command
Threat intelligence exchange
Enterprise security manager/log manager
Enterprise security manager/receiver
Mcafee enterprise security manager
File lock
Livesafe
Active response
Data exchange layer
Host intrusion prevention
Smartfilter administration
Security information and event management
Security scan plus
Host intrusion prevention services
Cloud analysis and deconstructive services
See all Products for Vendor
Mcafee
Copyright
2024
, cxsecurity.com
Back to Top