Vulnerabilities > Mcafee > Data Loss Prevention Endpoint > 11.3.0

DATE CVE VULNERABILITY TITLE RISK
2022-08-30 CVE-2022-2330 XXE vulnerability in Mcafee Data Loss Prevention Endpoint
Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows prior to 11.9.100 allows a remote attacker to cause the DLP Agent to access a local service that the attacker wouldn't usually have access to via a carefully constructed XML file, which the DLP Agent doesn't parse correctly.
network
low complexity
mcafee CWE-611
6.5
6.5
2021-09-17 CVE-2021-31844 Classic Buffer Overflow vulnerability in Mcafee Data Loss Prevention Endpoint
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggering a DLP Endpoint scan through accessing a file.
local
low complexity
mcafee CWE-120
7.3
7.3
2019-08-21 CVE-2019-3634 Out-of-bounds Read vulnerability in Mcafee Data Loss Prevention Endpoint 11.3.0
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory.
local
low complexity
mcafee CWE-125
5.5
5.5
2019-08-21 CVE-2019-3633 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mcafee Data Loss Prevention Endpoint 11.3.0
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via a carefully constructed message sent to DLPe which bypasses DLPe internal checks and results in DLPe reading unallocated memory.
local
low complexity
mcafee CWE-119
5.5
5.5