Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-14	CVE-2019-3637	Unspecified vulnerability in Mcafee File and Removable Media Protection Privilege Escalation vulnerability in McAfee FRP 5.x prior to 5.1.0.209 allows local users to gain elevated privileges via running McAfee Tray with elevated privileges. local low complexity mcafee	6.7
2019-08-14	CVE-2019-3635	Unspecified vulnerability in Mcafee web Gateway Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows attackers to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user accessing an iframe. network low complexity mcafee	6.5
2019-08-13	CVE-2019-9516	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. network low complexity apple apache canonical debian fedoraproject synology opensuse redhat oracle mcafee f5 nodejs CWE-770	6.5
2019-07-25	CVE-2019-3621	Unspecified vulnerability in Mcafee Data Loss Prevention Endpoint Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being locked or when the screen is locked. low complexity mcafee	6.2
2019-07-24	CVE-2019-3595	OS Command Injection vulnerability in Mcafee Data Loss Prevention Endpoint Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP) 11.x prior to 11.3.0 allows Authenticated Adminstrator to execute arbitrary code with their local machine privileges via a specially crafted DLP policy, which is exported and opened on the their machine. local low complexity mcafee CWE-78	6.5
2019-07-24	CVE-2019-3591	Cross-site Scripting vulnerability in Mcafee Data Loss Prevention Endpoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ePO extension in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows unauthenticated remote user to trigger specially crafted JavaScript to render in the ePO UI via a carefully crafted upload to a remote website which is correctly blocked by DLPe Web Protection. network low complexity mcafee CWE-79	6.1
2019-07-23	CVE-2019-2816	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). network high complexity oracle debian opensuse hp mcafee canonical redhat	4.8
2019-07-23	CVE-2019-2769	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). network low complexity oracle debian canonical redhat hp mcafee opensuse	5.3
2019-07-23	CVE-2019-2762	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). network low complexity oracle canonical opensuse debian redhat mcafee hp	5.3
2019-07-23	CVE-2019-2745	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). local high complexity oracle debian canonical opensuse mcafee hp	5.1