EMC AppSync Apollo REST Services SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of EMC Appsync. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within Apollo REST...

Trend Micro InterScan Messaging Security Suite DetailReportAction Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro InterScan Messaging Security Suite. Authentication is required to exploit this vulnerability. The specific flaw exists within the showPicture method of the DetailReportAction...

CVE-2016-5306

Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for unintended HTTP traffic on port 8445...

Symantec Endpoint Protection Manager and Client Information Disclosure Vulnerability

Symantec Endpoint Protection SEP is a suite of antivirus software from Symantec Corporation. The software provides security across physical and virtual systems.SEP Manager and Client are the management and client software. An information disclosure vulnerability exists in the management console o...