Lucene search
K

69 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-8042

Malware in sbrugna...

8.5CVSS8.2AI score0.01719EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-26983

Malware in sbrugna...

3.3CVSS5.3AI score0.00354EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/07/08 12:0 a.m.93 views

Symantec Endpoint Protection Manager < 14.3 RU2 Session Token Exposure (SYMSA18255)

The version of Symantec Endpoint Protection Manager SEPM installed on the remote host is prior to 14.3 RU2. It is therefore affected by a vulnerability. HTTPS GET parameters may include session tokens, which could be logged. Note that Nessus has not tested for this issue but has instead relied on...

5.6AI score
Exploits0References2
NVD
NVD
added 2020/05/11 8:15 p.m.17 views

CVE-2020-5834

Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory...

5.3CVSS5.7AI score0.0165EPSS
Exploits0References1
CVE
CVE
added 2020/05/11 7:19 p.m.84 views

CVE-2020-5834

Summary: CVE-2020-5834 affects Symantec Endpoint Protection Manager (SEPM) prior to v14.3. A directory traversal vulnerability could allow a remote attacker to determine the size of files in a directory. Root cause / affected components: Directory traversal flaw in SEPM before 14.3 (as per multip...

5.3CVSS5.7AI score0.0165EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2020/02/13 12:0 a.m.2 views

Symantec Endpoint Protection Manager Information Disclosure Vulnerability (CNVD-2020-09963)

Symantec Endpoint Protection Manager SEPM is a suite of enterprise-grade virus protection software from Symantec USA. The software protects against malicious attacks such as viruses, worms, and Trojan horses. Symantec Endpoint Protection Manager suffers from an information disclosure vulnerabilit...

3.3CVSS6.2AI score0.00354EPSS
Exploits0References1
OSV
OSV
added 2020/02/11 6:15 p.m.2 views

CVE-2020-5831

Symantec Endpoint Protection Manager SEPM, prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program...

3.3CVSS6.2AI score
Exploits0References1
CVE
CVE
added 2020/02/11 5:12 p.m.67 views

CVE-2020-5831

Symantec Endpoint Protection Manager (SEPM) is affected by CVE-2020-5831, a local, out-of-bounds read vulnerability present in SEPM prior to 14.2 RU2 MP1 (and pre-14.2 RU2 MP1 refresh noted in the advisories). Exploitation could allow a local attacker to read memory outside allocated bounds via t...

3.3CVSS3.8AI score0.00354EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/02/11 5:9 p.m.29 views

CVE-2020-5827

Symantec Endpoint Protection Manager SEPM, prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program...

3.5AI score0.00354EPSS
Exploits0References1
Prion
Prion
added 2019/11/15 6:15 p.m.15 views

Privilege escalation

Symantec Endpoint Protection Manager SEPM and Symantec Mail Security for MS Exchange SMSMSE, prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software applicati...

7.2CVSS7.9AI score0.00483EPSS
Exploits0References1Affected Software2
Symantec
Symantec
added 2019/11/14 12:0 a.m.58 views

Symantec Endpoint Protection Manager CVE-2018-18368 Local Privilege Escalation Vulnerability

Description Symantec Endpoint Protection Manager is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to gain elevated privileges. Symantec Endpoint Protection Manager versions prior to 14.2 RU1 are vulnerable. Technologies Affected Symantec Endpoint...

1.7AI score0.0058EPSS
Exploits0Affected Software1
NVD
NVD
added 2016/06/30 11:59 p.m.21 views

CVE-2016-3653

Multiple cross-site request forgery CSRF vulnerabilities in management scripts in Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users...

8CVSS8.2AI score0.01342EPSS
Exploits4References4
NVD
NVD
added 2016/06/30 11:59 p.m.20 views

CVE-2016-3649

Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allows remote authenticated administrators to enumerate administrator accounts via modified GET requests...

4.3CVSS5.3AI score0.01656EPSS
Exploits0References3
NVD
NVD
added 2016/06/30 11:59 p.m.17 views

CVE-2016-3648

Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allows remote authenticated users to bypass the Authentication Lock protection mechanism, and conduct brute-force password-guessing attacks against management-console accounts, by entering data into the authorization window...

8.8CVSS8.4AI score0.0233EPSS
Exploits0References3
Prion
Prion
added 2016/06/30 11:59 p.m.19 views

Design/Logic Flaw

Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for unintended HTTP traffic on port 8445...

5CVSS6.6AI score0.02076EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/06/30 11:59 p.m.16 views

Directory traversal

Directory traversal vulnerability in Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allows remote authenticated users to read arbitrary files in the web-root directory tree via unspecified vectors...

4CVSS6.5AI score0.02914EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/06/30 11:59 p.m.13 views

Server side request forgery (ssrf)

Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery SSRF attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request...

4CVSS6.8AI score0.01851EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/06/30 11:59 p.m.13 views

Open redirect

Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

4.9CVSS6.5AI score0.04122EPSS
Exploits4References4Affected Software1
Prion
Prion
added 2016/06/30 11:59 p.m.14 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in management scripts in Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users...

6CVSS7.2AI score0.01342EPSS
Exploits4References4Affected Software1
Prion
Prion
added 2016/06/30 11:59 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in management scripts in Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.5AI score0.02552EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder