Vulnerabilities > Mcafee
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-25 | CVE-2019-3621 | Unspecified vulnerability in Mcafee Data Loss Prevention Endpoint Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being locked or when the screen is locked. low complexity mcafee | 6.2 |
| 2019-07-24 | CVE-2019-3622 | Files or Directories Accessible to External Parties vulnerability in Mcafee Data Loss Prevention Endpoint Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows authenticated user to redirect DLPe log files to arbitrary locations via incorrect access control applied to the DLPe log folder allowing privileged users to create symbolic links. | 8.2 |
| 2019-07-24 | CVE-2019-3595 | OS Command Injection vulnerability in Mcafee Data Loss Prevention Endpoint Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP) 11.x prior to 11.3.0 allows Authenticated Adminstrator to execute arbitrary code with their local machine privileges via a specially crafted DLP policy, which is exported and opened on the their machine. | 6.5 |
| 2019-07-24 | CVE-2019-3591 | Cross-site Scripting vulnerability in Mcafee Data Loss Prevention Endpoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ePO extension in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows unauthenticated remote user to trigger specially crafted JavaScript to render in the ePO UI via a carefully crafted upload to a remote website which is correctly blocked by DLPe Web Protection. | 6.1 |
| 2019-07-23 | CVE-2019-2842 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JCE). | 3.7 |
| 2019-07-23 | CVE-2019-2816 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). | 4.8 |
| 2019-07-23 | CVE-2019-2769 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). | 5.3 |
| 2019-07-23 | CVE-2019-2766 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). | 3.1 |
| 2019-07-23 | CVE-2019-2762 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). | 5.3 |
| 2019-07-23 | CVE-2019-2745 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). | 5.1 |