Total
26 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-2757 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2024-02-04 | 4.0 MEDIUM | N/A |
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to cause a denial of service (database lock or license corruption) via unspecified vectors. | |||||
CVE-2015-1617 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2024-02-04 | 3.5 LOW | N/A |
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2015-2758 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2024-02-04 | 6.5 MEDIUM | N/A |
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to obtain sensitive information, modify the database, or possibly have other unspecified impact via a crafted URL. | |||||
CVE-2015-2759 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allow remote attackers to hijack the authentication of users for requests that (1) obtain sensitive information or (2) modify the database via unspecified vectors. | |||||
CVE-2015-1618 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2024-02-04 | 4.0 MEDIUM | N/A |
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to obtain sensitive password information via a crafted URL. | |||||
CVE-2015-2760 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2024-02-04 | 3.5 LOW | N/A |
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |