Vulnerabilities > Mcafee > Data Loss Prevention Endpoint > 9.3.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-30 | CVE-2022-2330 | XXE vulnerability in Mcafee Data Loss Prevention Endpoint Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows prior to 11.9.100 allows a remote attacker to cause the DLP Agent to access a local service that the attacker wouldn't usually have access to via a carefully constructed XML file, which the DLP Agent doesn't parse correctly. | 6.5 |
| 2021-09-17 | CVE-2021-31844 | Classic Buffer Overflow vulnerability in Mcafee Data Loss Prevention Endpoint A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggering a DLP Endpoint scan through accessing a file. | 7.3 |
| 2018-07-23 | CVE-2018-6683 | Incorrect Default Permissions vulnerability in Mcafee Data Loss Prevention Endpoint Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline. | 7.4 |
| 2018-05-25 | CVE-2018-6664 | Improper Verification of Cryptographic Signature vulnerability in Mcafee Data Loss Prevention Endpoint Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility. | 8.8 |
| 2017-03-14 | CVE-2016-8012 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Data Loss Prevention Endpoint Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other processes via pages in the target process memory get. | 7.8 |