Vulnerabilities > Mcafee > Data Loss Prevention Endpoint > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-03-27 | CVE-2015-2758 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Data Loss Prevention Endpoint The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to obtain sensitive information, modify the database, or possibly have other unspecified impact via a crafted URL. | 6.5 |
| 2015-03-27 | CVE-2015-2757 | Resource Management Errors vulnerability in Mcafee Data Loss Prevention Endpoint The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to cause a denial of service (database lock or license corruption) via unspecified vectors. | 4.0 |
| 2015-02-17 | CVE-2015-1618 | Information Exposure vulnerability in Mcafee Data Loss Prevention Endpoint The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to obtain sensitive password information via a crafted URL. | 4.0 |
| 2015-02-17 | CVE-2015-1616 | SQL Injection vulnerability in Mcafee Data Loss Prevention Endpoint SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
| 2015-02-06 | CVE-2015-1305 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Data Loss Prevention Endpoint McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018 IOCTL call. | 6.9 |