Filtered by vendor Symantec Subscriptions
Total 571 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-23957 1 Symantec 1 Identity Portal 2024-09-25 5.4 Medium
An authenticated user can see and modify the value for ‘next’ query parameter in Symantec Identity Portal 14.4
CVE-2023-23958 1 Symantec 1 Protection Engine 2024-09-23 6.8 Medium
Symantec Protection Engine, prior to 9.1.0, may be susceptible to a Hash Leak vulnerability.
CVE-2003-1575 2 Sun, Symantec 2 Solaris, Vxfs 2024-09-17 N/A
VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9 does not properly implement inheritance of default ACLs in certain circumstances related to the characteristics of a directory inode, which allows local users to bypass intended file permissions by accessing a file on a VxFS filesystem.
CVE-2013-4678 1 Symantec 1 Backup Exec 2024-09-17 N/A
The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain sensitive host-version information via unspecified vectors.
CVE-2013-1611 1 Symantec 1 Brightmail Gateway 2024-09-17 N/A
Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2017-15527 1 Symantec 1 Management Console 2024-09-17 N/A
Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to parent directory" are passed through to the file APIs.
CVE-2002-1779 1 Symantec 1 Norton Personal Firewall 2024-09-17 N/A
The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305).
CVE-2012-6533 2 Microsoft, Symantec 4 Windows 2003 Server, Windows Xp, Encryption Desktop and 1 more 2024-09-17 N/A
Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP and Server 2003 allows local users to gain privileges via a crafted application.
CVE-2016-9092 1 Symantec 2 Content Analysis, Mail Threat Defense 2024-09-17 N/A
The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forging (CSRF) vulnerability. A remote attacker can use phishing or other social engineering techniques to access the management console with the privileges of an authenticated administrator user.
CVE-2012-0302 1 Symantec 1 Message Filter 2024-09-17 N/A
Cross-site scripting (XSS) vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-4679 1 Symantec 1 Workspace Virtualization 2024-09-17 N/A
Symantec Workspace Virtualization before 6.x before 6.4.1953.0, when a virtual application layer is configured, allows local users to gain privileges via an application that performs crafted interaction with the operating system.
CVE-2012-0301 1 Symantec 1 Message Filter 2024-09-17 N/A
Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to hijack web sessions via unspecified vectors.
CVE-2012-0303 1 Symantec 1 Message Filter 2024-09-17 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Brightmail Control Center in Symantec Message Filter 6.3 allow remote attackers to hijack the authentication of arbitrary users for requests that (1) execute application commands or (2) create admin accounts.
CVE-2018-5242 1 Symantec 1 Norton App Lock 2024-09-17 N/A
Norton App Lock prior to version 1.3.0.329 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access.
CVE-2018-18363 1 Symantec 1 Norton App Lock 2024-09-17 N/A
Norton App Lock prior to 1.4.0.445 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access.
CVE-2017-15525 1 Symantec 1 Endpoint Encryption 2024-09-17 N/A
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.
CVE-2018-5236 1 Symantec 1 Endpoint Protection 2024-09-17 N/A
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events.
CVE-2013-1610 1 Symantec 2 Encryption Desktop, Pgp Desktop 2024-09-17 N/A
Unquoted Windows search path vulnerability in RDDService in Symantec PGP Desktop 10.0.x through 10.2.x and Symantec Encryption Desktop 10.3.0 before MP3 allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory.
CVE-2002-2206 1 Symantec 1 Norton Antivirus 2024-09-17 N/A
The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries.
CVE-2004-2147 1 Symantec 1 Norton Antivirus 2024-09-17 N/A
Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return ("\n") separating the headers from the body.