Mcafee Data Loss Prevention (Dlp) Endpoint For Windows
Approved changes feed: RSS · Atom
cpe:2.3:a:mcafee,llc:mcafee_data_loss_prevention_(dlp)_endpoint_for_windows:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Mcafee,Llc (a07eec98-d34c-5045-9a0e-859fd3b6002d) |
|---|---|
| Product | Mcafee Data Loss Prevention (Dlp) Endpoint For Windows (5d400747-fc9c-50a8-834d-53479a9305b8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-31844 |
vulnerable | 2026-06-03 14:44:33.619716 |
Local Privilege Escalation in McAfee DLP Endpoint for Windows
HIGH (8.2)
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggering a DLP Endpoint scan through accessing a file. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size.
Published: 2021-09-17T13:45:18.000Z
Updated: 2024-08-03T23:10:31.030Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31832 |
vulnerable | 2026-06-03 14:44:33.592522 |
Cross site scripting vulnerability in DLP Endpoint for Windows
MEDIUM (5.2)
Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This JavaScript will be executed when an end user triggers a DLP policy on their machine.
Published: 2021-06-09T13:45:17.000Z
Updated: 2024-08-03T23:10:30.156Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-23887 |
vulnerable | 2026-06-03 14:43:55.838676 |
Privilege escalation in McAfee DLP Endpoint for Windows
HIGH (7.8)
Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying the memory and restarting them when they are monitored by McAfee DLP through the hdlphook driver.
Published: 2021-04-15T07:55:15.000Z
Updated: 2024-08-03T19:14:09.191Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-23886 |
vulnerable | 2026-06-03 14:43:55.836794 |
Local Denial of Service in McAfee DLP Endpoint for Windows
MEDIUM (5.5)
Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modifying the processes memory and restarting it. This is triggered by the hdlphook driver reading invalid memory.
Published: 2021-04-15T07:50:15.000Z
Updated: 2024-08-03T19:14:09.648Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-7346 |
vulnerable | 2026-06-03 14:43:06.078521 |
Privilege escalation in McAfee DLP Endpoint for Windows
HIGH (7.8)
Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker's choosing. This requires the creation and removal of junctions by the attacker along with sending a specific IOTL command at the correct time.
Published: 2021-03-23T16:05:23.000Z
Updated: 2024-08-04T09:25:49.105Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.