Vulnerabilities > Mcafee > Data Loss Prevention > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-24 | CVE-2021-4088 | SQL Injection vulnerability in Mcafee Data Loss Prevention 11.6.401 SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x prior to 11.8.100, 11.7.x prior to 11.7.101, and 11.6.401 allows a remote authenticated attacker to inject unfiltered SQL into the DLP part of the ePO database. | 7.2 |
| 2021-03-23 | CVE-2020-7346 | Link Following vulnerability in Mcafee Data Loss Prevention Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker's choosing. | 7.8 |
| 2020-08-13 | CVE-2020-7304 | Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Data Loss Prevention Cross site request forgery vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label. | 7.6 |