Filtered by vendor Symantec
Subscribe
Total
573 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-37015 | 1 Symantec | 1 Endpoint Detection And Response | 2023-12-10 | N/A | 9.8 CRITICAL |
Symantec Endpoint Detection and Response (SEDR) Appliance, prior to 4.7.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
CVE-2022-25623 | 1 Symantec | 1 Management Agent | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
The Symantec Management Agent is susceptible to a privilege escalation vulnerability. A low privilege local account can be elevated to the SYSTEM level through registry manipulations. | |||||
CVE-2021-30642 | 1 Symantec | 1 Security Analytics | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges. | |||||
CVE-2020-12593 | 1 Symantec | 1 Endpoint Detection And Response | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. | |||||
CVE-2020-5838 | 1 Symantec | 1 It Analytics | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
Symantec IT Analytics, prior to 2.9.1, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can potentially enable attackers to inject client-side scripts into web pages viewed by other users. | |||||
CVE-2020-5835 | 1 Symantec | 1 Endpoint Protection Manager | 2023-12-10 | 4.4 MEDIUM | 7.0 HIGH |
Symantec Endpoint Protection Manager, prior to 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine. | |||||
CVE-2020-5839 | 1 Symantec | 1 Endpoint Detection And Response | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Symantec Endpoint Detection And Response, prior to 4.4, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. | |||||
CVE-2020-5833 | 1 Symantec | 1 Endpoint Protection Manager | 2023-12-10 | 2.1 LOW | 3.3 LOW |
Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program. | |||||
CVE-2020-5834 | 1 Symantec | 1 Endpoint Protection Manager | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory. | |||||
CVE-2020-5837 | 1 Symantec | 1 Endpoint Protection | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege. | |||||
CVE-2020-5836 | 1 Symantec | 1 Endpoint Protection | 2023-12-10 | 4.4 MEDIUM | 7.8 HIGH |
Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled. | |||||
CVE-2019-18376 | 1 Symantec | 1 Management Center | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
A CSRF token disclosure vulnerability allows a remote attacker, with access to an authenticated Management Center (MC) user's web browser history or a network device that intercepts/logs traffic to MC, to obtain CSRF tokens and use them to perform CSRF attacks against MC. | |||||
CVE-2020-5832 | 1 Symantec | 1 Data Center Security | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6.8 MP2), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
CVE-2019-12756 | 1 Symantec | 1 Endpoint Protection | 2023-12-10 | 2.1 LOW | 2.3 LOW |
Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights. | |||||
CVE-2020-5822 | 1 Symantec | 1 Endpoint Protection | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
CVE-2019-18372 | 1 Symantec | 1 Endpoint Protection | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
CVE-2020-5828 | 1 Symantec | 1 Endpoint Protection Manager | 2023-12-10 | 2.1 LOW | 3.3 LOW |
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program. | |||||
CVE-2016-6589 | 1 Symantec | 1 It Management Suite | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
A Denial of Service vulnerability exists in the ITMS workflow process manager login window in Symantec IT Management Suite 8.0. | |||||
CVE-2016-6587 | 1 Symantec | 1 Norton Mobile Security | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
An Information Disclosure vulnerability exists in the mid.dat file stored on the SD card in Symantec Norton Mobile Security for Android before 3.16, which could let a local malicious user obtain sensitive information. | |||||
CVE-2019-9699 | 1 Symantec | 1 Messaging Gateway | 2023-12-10 | 2.7 LOW | 4.5 MEDIUM |
Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. |