Filtered by vendor Symantec Subscriptions
Total 571 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-23958 1 Symantec 1 Protection Engine 2024-11-21 6.8 Medium
Symantec Protection Engine, prior to 9.1.0, may be susceptible to a Hash Leak vulnerability.
CVE-2023-23957 1 Symantec 1 Identity Portal 2024-11-21 5.4 Medium
An authenticated user can see and modify the value for ‘next’ query parameter in Symantec Identity Portal 14.4
CVE-2022-37015 1 Symantec 1 Endpoint Detection And Response 2024-11-21 9.8 Critical
Symantec Endpoint Detection and Response (SEDR) Appliance, prior to 4.7.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVE-2022-25630 1 Symantec 1 Messaging Gateway 2024-11-21 5.4 Medium
An authenticated user can embed malicious content with XSS into the admin group policy page.
CVE-2022-25629 1 Symantec 1 Messaging Gateway 2024-11-21 5.4 Medium
An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column).
CVE-2022-25623 1 Symantec 1 Management Agent 2024-11-21 7.8 High
The Symantec Management Agent is susceptible to a privilege escalation vulnerability. A low privilege local account can be elevated to the SYSTEM level through registry manipulations.
CVE-2021-30642 1 Symantec 1 Security Analytics 2024-11-21 9.8 Critical
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges.
CVE-2020-5839 1 Symantec 1 Endpoint Detection And Response 2024-11-21 7.5 High
Symantec Endpoint Detection And Response, prior to 4.4, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.
CVE-2020-5838 1 Symantec 1 It Analytics 2024-11-21 4.8 Medium
Symantec IT Analytics, prior to 2.9.1, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can potentially enable attackers to inject client-side scripts into web pages viewed by other users.
CVE-2020-5837 1 Symantec 1 Endpoint Protection 2024-11-21 7.8 High
Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege.
CVE-2020-5836 1 Symantec 1 Endpoint Protection 2024-11-21 7.8 High
Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled.
CVE-2020-5835 1 Symantec 1 Endpoint Protection Manager 2024-11-21 7.0 High
Symantec Endpoint Protection Manager, prior to 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine.
CVE-2020-5834 1 Symantec 1 Endpoint Protection Manager 2024-11-21 5.3 Medium
Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory.
CVE-2020-5833 1 Symantec 1 Endpoint Protection Manager 2024-11-21 3.3 Low
Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
CVE-2020-5832 1 Symantec 1 Data Center Security 2024-11-21 7.8 High
Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6.8 MP2), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVE-2020-5831 1 Symantec 1 Endpoint Protection Manager 2024-11-21 3.3 Low
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
CVE-2020-5830 1 Symantec 1 Endpoint Protection Manager 2024-11-21 3.3 Low
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
CVE-2020-5829 1 Symantec 1 Endpoint Protection Manager 2024-11-21 3.3 Low
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
CVE-2020-5828 1 Symantec 1 Endpoint Protection Manager 2024-11-21 3.3 Low
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
CVE-2020-5827 1 Symantec 1 Endpoint Protection Manager 2024-11-21 3.3 Low
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.