Filtered by vendor Symantec
Subscribe
Total
571 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-1608 | 1 Symantec | 1 Netbackup Appliance | 2024-11-21 | 6.7 MEDIUM | N/A |
Directory traversal vulnerability in the Management Console on the Symantec NetBackup (NBU) appliance 2.0.x allows remote attackers to read arbitrary files via unspecified vectors. | |||||
CVE-2012-6533 | 2 Microsoft, Symantec | 4 Windows 2003 Server, Windows Xp, Encryption Desktop and 1 more | 2024-11-21 | 4.4 MEDIUM | N/A |
Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP and Server 2003 allows local users to gain privileges via a crafted application. | |||||
CVE-2012-6277 | 3 Hp, Ibm, Symantec | 7 Autonomy Keyview Idol, Domino, Notes and 4 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code." | |||||
CVE-2012-4953 | 1 Symantec | 3 Antivirus, Endpoint Protection, Scan Engine | 2024-11-21 | 9.3 HIGH | N/A |
The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file. | |||||
CVE-2012-4351 | 1 Symantec | 2 Encryption Desktop, Pgp Desktop | 2024-11-21 | 6.9 MEDIUM | N/A |
Integer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 allows local users to gain privileges via a crafted application. | |||||
CVE-2012-4350 | 1 Symantec | 1 Enterprise Security Manager | 2024-11-21 | 7.2 HIGH | N/A |
Multiple unquoted Windows search path vulnerabilities in the (1) Manager and (2) Agent components in Symantec Enterprise Security Manager (ESM) before 11.0 allow local users to gain privileges via unspecified vectors. | |||||
CVE-2012-4349 | 1 Symantec | 1 Network Access Control | 2024-11-21 | 7.2 HIGH | N/A |
Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors. | |||||
CVE-2012-4348 | 1 Symantec | 1 Endpoint Protection | 2024-11-21 | 7.2 HIGH | N/A |
The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors. | |||||
CVE-2012-4347 | 1 Symantec | 1 Messaging Gateway | 2024-11-21 | 5.0 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSelection parameter in an APPLIANCE restoreSource action to brightmail/admin/restore/download.do. | |||||
CVE-2012-4178 | 1 Symantec | 1 Web Gateway | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter. | |||||
CVE-2012-3582 | 1 Symantec | 1 Pgp Universal Server | 2024-11-21 | 2.9 LOW | N/A |
Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include key search requests, which might allow remote attackers to read a private key in opportunistic circumstances by making a request near the end of a user's session. | |||||
CVE-2012-3581 | 1 Symantec | 1 Messaging Gateway | 2024-11-21 | 3.3 LOW | N/A |
Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors. | |||||
CVE-2012-3580 | 1 Symantec | 1 Messaging Gateway | 2024-11-21 | 7.7 HIGH | N/A |
Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface. | |||||
CVE-2012-3579 | 1 Symantec | 1 Messaging Gateway | 2024-11-21 | 7.9 HIGH | N/A |
Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session. | |||||
CVE-2012-2977 | 1 Symantec | 1 Web Gateway | 2024-11-21 | 5.0 MEDIUM | N/A |
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to change arbitrary passwords via crafted input to an application script. | |||||
CVE-2012-2976 | 1 Symantec | 1 Web Gateway | 2024-11-21 | 10.0 HIGH | N/A |
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue. | |||||
CVE-2012-2961 | 1 Symantec | 1 Web Gateway | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2012-2957 | 1 Symantec | 1 Web Gateway | 2024-11-21 | 7.2 HIGH | N/A |
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows local users to gain privileges by modifying files, related to a "file inclusion" issue. | |||||
CVE-2012-2953 | 1 Symantec | 1 Web Gateway | 2024-11-21 | 10.0 HIGH | N/A |
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary commands via crafted input to application scripts. | |||||
CVE-2012-2574 | 1 Symantec | 1 Web Gateway | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to a "blind SQL injection" issue. |