49 matches found
EUVD-2021-17559
Malware in sbrugna...
EUVD-2018-4219
Malware in sbrugna...
EUVD-2013-1648
Malware in sbrugna...
EUVD-2013-1650
Malware in sbrugna...
EUVD-2013-1649
Malware in sbrugna...
EUVD-2006-3069
Malware in sbrugna...
CVE-2021-30642
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges...
CVE-2020-5832
Symantec Data Center Security Manager Component, prior to 6.8.2 aka 6.8 MP2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected...
CVE-2013-1615
The management console aka Java console on the Symantec Security Information Manager SSIM appliance 4.7.x and 4.8.x before 4.8.1 allows remote attackers to obtain sensitive information via unspecified web-GUI API calls...
CVE-2013-1614
Multiple cross-site scripting XSS vulnerabilities in the management console aka Java console on the Symantec Security Information Manager SSIM appliance 4.7.x and 4.8.x before 4.8.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-1613
SQL injection vulnerability in the management console aka Java console on the Symantec Security Information Manager SSIM appliance 4.7.x and 4.8.x before 4.8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
CVE-2021-30642
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges...
CVE-2021-30642
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges...
Input validation
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges...
CVE-2021-30642
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges...
OS Command Injection in Security Analytics
Summary The Symantec Security Analytics web UI is susceptible to an OS command injection vulnerability. A remote unauthenticated attacker, who has access to the Security Analytics web UI, can execute arbitrary OS commands on the target with elevated privileges. Affected Products The following...
Symantec Security Analytics Web UI 操作系统命令注入漏洞
Symantec Security Analytics Web UI is an application from Symantec Corporation, USA. Symantec Security Analytics suffers from an operating system command injection vulnerability that results from improper input validation. An unauthenticated, remote attacker could use this vulnerability to send...
Thousands of firms hit by Beapy malware using NSA hacking tools
By Ryan De Souza EternalBlue and DoublePulsar hacking tools are back in action. Symantec security researchers have identified that cybercriminals are still utilizing the classified exploits/hacking tools of the National Security Agency NSA, which were stolen about two years back. The new malware...
Symantec Security Analytics Cross-Site Scripting Vulnerability
Symantec Security Analytics SA is a suite of security analytics solutions from Symantec USA. The product is mainly used for the discovery and organization of network threats, supporting real-time analysis and logging of network threats. A cross-site scripting vulnerability exists in the Web UI in...
Cross site scripting
The Symantec Security Analytics SA 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting XSS vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks ...