Filtered by vendor Symantec
Subscriptions
Total
571 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-12751 | 1 Symantec | 1 Message Gateway | 2024-08-04 | N/A |
| Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | ||||
| CVE-2019-12759 | 1 Symantec | 2 Endpoint Protection Manager, Mail Security | 2024-08-04 | 7.8 High |
| Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | ||||
| CVE-2019-12756 | 1 Symantec | 1 Endpoint Protection | 2024-08-04 | 2.3 Low |
| Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights. | ||||
| CVE-2019-12753 | 1 Symantec | 1 Reporter | 2024-08-04 | N/A |
| An information disclosure vulnerability in Symantec Reporter web UI 10.3 prior to 10.3.2.5 allows a malicious authenticated administrator user to obtain passwords for external SMTP, FTP, FTPS, LDAP, and Cloud Log Download servers that they might not otherwise be authorized to access. The malicious administrator user can also obtain the passwords of other Reporter web UI users. | ||||
| CVE-2019-12758 | 1 Symantec | 1 Endpoint Protection | 2024-08-04 | 6.7 Medium |
| Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature. | ||||
| CVE-2019-12754 | 1 Symantec | 1 Vip | 2024-08-04 | N/A |
| Symantec My VIP portal, previous version which has already been auto updated, was susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users or potentially bypass access controls such as the same-origin policy. | ||||
| CVE-2019-12757 | 1 Symantec | 1 Endpoint Protection | 2024-08-04 | 7.8 High |
| Symantec Endpoint Protection (SEP), prior to 14.2 RU2 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 12.1 RU6 MP10d (12.1.7510.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | ||||
| CVE-2019-12750 | 1 Symantec | 1 Endpoint Protection | 2024-08-04 | N/A |
| Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | ||||
| CVE-2019-12752 | 1 Symantec | 1 Sonar | 2024-08-04 | 6.1 Medium |
| The Symantec SONAR component, prior to 12.0.2, may be susceptible to a tamper protection bypass vulnerability which could potentially allow an attacker to circumvent the existing tamper protection in use on the resident system. | ||||
| CVE-2019-9694 | 1 Symantec | 1 Endpoint Encryption | 2024-08-04 | N/A |
| Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | ||||
| CVE-2019-9698 | 1 Symantec | 1 Antivirus Engine | 2024-08-04 | N/A |
| Symantec AV Engine, prior to 13.0.9r17, may be susceptible to an arbitrary file deletion issue, which is a type of vulnerability that could allow an attacker to delete files on the resident system without elevated privileges. | ||||
| CVE-2019-9696 | 1 Symantec | 1 Vip Enterprise Gateway | 2024-08-04 | N/A |
| Symantec VIP Enterprise Gateway (all versions) may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy. | ||||
| CVE-2019-9699 | 1 Symantec | 1 Messaging Gateway | 2024-08-04 | 4.5 Medium |
| Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. | ||||
| CVE-2019-9701 | 1 Symantec | 1 Data Loss Prevention | 2024-08-04 | N/A |
| DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site scripting (XSS) vulnerability, a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. | ||||
| CVE-2019-9702 | 1 Symantec | 1 Endpoint Encryption | 2024-08-04 | N/A |
| Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. | ||||
| CVE-2019-9703 | 1 Symantec | 1 Endpoint Encryption | 2024-08-04 | N/A |
| Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. | ||||
| CVE-2019-9695 | 1 Symantec | 2 Norton Core, Norton Core Firmware | 2024-08-04 | N/A |
| Norton Core prior to v278 may be susceptible to an arbitrary code execution issue, which is a type of vulnerability that has the potential of allowing an individual to execute arbitrary commands or code on a target machine or in a target process. Note that this exploit is only possible with direct physical access to the device. | ||||
| CVE-2019-9697 | 1 Symantec | 1 Management Center | 2024-08-04 | N/A |
| An information disclosure vulnerability in the Management Center (MC) REST API 2.0, 2.1, and 2.2 prior to 2.2.2.1 allows a malicious authenticated user to obtain passwords for external backup and CPL policy import servers that they might not otherwise be authorized to access. | ||||
| CVE-2020-12593 | 1 Symantec | 1 Endpoint Detection And Response | 2024-08-04 | 7.5 High |
| Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. | ||||
| CVE-2020-5829 | 1 Symantec | 1 Endpoint Protection Manager | 2024-08-04 | 3.3 Low |
| Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program. | ||||