Core FTP LE 2.2 - Denial of Service Exploit

Exploit Title: Core FTP LE 2.2 - Denial of Service PoC Exploit Author: Ismael Nava Vendor Homepage: http://www.coreftp.com/ Software Link: http://www.coreftp.com/download.html Version: 2.2 build 1947 Tested on: Windows 10 Home x64 CVE : n/a STEPS Open the program Core FTP LE In File select the...

Symantec Endpoint Protection Clients Local Elevation of Privilege, CSV Formula Injection

SUMMARY Symantec has released updates to address security issues reported in both Symantec Endpoint Protection 12.1 and Symantec Endpoint Protection 14.0 Windows clients. AFFECTED PRODUCTS Symantec Endpoint Protection SEP --- CVE | Affected Versions | Remediation CVE-2016-9093 CVE-2016-9094 | Pri...

Symantec Endpoint Encryption Unquoted Service Path Local Elevation of Privilege

SUMMARY Symantec Endpoint Encryption SEE has an unquoted search path in EEDService. This could provide a non-privileged local user the ability to successfully insert arbitrary code in the root path. AFFECTED PRODUCTS Symantec Endpoint Encryption --- CVE | Affected Versions | Remediation...

Symantec Data Insight Management Console HTML Injection and Cross-Site Scripting

SUMMARY The management console for Symantec Data Insight does not sufficiently validate/sanitize arbitrary input in two separate fields within the management GUI. This could potentially allow unauthorized command execution or potential malicious redirection. AFFECTED PRODUCTS Product | Version |...