Filtered by vendor Symantec
Subscribe
Total
571 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-5826 | 1 Symantec | 1 Endpoint Protection | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program. | |||||
| CVE-2020-5825 | 1 Symantec | 1 Endpoint Protection | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges. | |||||
| CVE-2020-5824 | 1 Symantec | 1 Endpoint Protection | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable. | |||||
| CVE-2020-5823 | 1 Symantec | 1 Endpoint Protection | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
| CVE-2020-5822 | 1 Symantec | 1 Endpoint Protection | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
| CVE-2020-5821 | 1 Symantec | 1 Endpoint Protection | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit. | |||||
| CVE-2020-5820 | 1 Symantec | 1 Endpoint Protection | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
| CVE-2020-12593 | 1 Symantec | 1 Endpoint Detection And Response | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. | |||||
| CVE-2019-9703 | 1 Symantec | 1 Endpoint Encryption | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. | |||||
| CVE-2019-9702 | 1 Symantec | 1 Endpoint Encryption | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. | |||||
| CVE-2019-9701 | 1 Symantec | 1 Data Loss Prevention | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site scripting (XSS) vulnerability, a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. | |||||
| CVE-2019-9699 | 1 Symantec | 1 Messaging Gateway | 2024-11-21 | 2.7 LOW | 4.5 MEDIUM |
| Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. | |||||
| CVE-2019-9698 | 1 Symantec | 1 Antivirus Engine | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| Symantec AV Engine, prior to 13.0.9r17, may be susceptible to an arbitrary file deletion issue, which is a type of vulnerability that could allow an attacker to delete files on the resident system without elevated privileges. | |||||
| CVE-2019-9697 | 1 Symantec | 1 Management Center | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability in the Management Center (MC) REST API 2.0, 2.1, and 2.2 prior to 2.2.2.1 allows a malicious authenticated user to obtain passwords for external backup and CPL policy import servers that they might not otherwise be authorized to access. | |||||
| CVE-2019-9696 | 1 Symantec | 1 Vip Enterprise Gateway | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Symantec VIP Enterprise Gateway (all versions) may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy. | |||||
| CVE-2019-9695 | 1 Symantec | 2 Norton Core, Norton Core Firmware | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
| Norton Core prior to v278 may be susceptible to an arbitrary code execution issue, which is a type of vulnerability that has the potential of allowing an individual to execute arbitrary commands or code on a target machine or in a target process. Note that this exploit is only possible with direct physical access to the device. | |||||
| CVE-2019-9694 | 1 Symantec | 1 Endpoint Encryption | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
| CVE-2019-19547 | 2 Fedoraproject, Symantec | 2 Fedora, Endpoint Detection And Response | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Symantec Endpoint Detection and Response (SEDR), prior to 4.3.0, may be susceptible to a cross site scripting (XSS) issue. XSS is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. An XSS vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy. | |||||
| CVE-2019-18380 | 1 Symantec | 1 Industrial Control System Protection | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| Symantec Industrial Control System Protection (ICSP), versions 6.x.x, may be susceptible to an unauthorized access issue that could potentially allow a threat actor to create or modify application user accounts without proper authentication. | |||||
| CVE-2019-18379 | 1 Symantec | 1 Messaging Gateway | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
| Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface. | |||||