Lucene search
K
SymantecMost viewed

6867 matches found

Symantec
Symantec
•added 2018/11/13 12:0 a.m.•370 views

Microsoft Edge CVE-2018-8567 Remote Privilege Escalation Vulnerability

Description Microsoft Edge is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Edge Recommendations Block external access at the network boundary, unless external parties require service. Filter...

5.9AI score0.03141EPSS
Exploits0
Symantec
Symantec
•added 2018/08/14 12:0 a.m.•360 views

Microsoft SQL Server CVE-2018-8273 Remote Code Execution Vulnerability

Description Microsoft SQL Server is prone to a remote code-execution vulnerability. Successful exploits can allow attackers to execute arbitrary code within the context of the SQL Server Database Engine service account. Failed exploit attempts may result in a denial-of-service condition...

0.8AI score0.29208EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2010/09/14 12:0 a.m.•350 views

Microsoft IIS Request Header Buffer Overflow Vulnerability

Description Microsoft IIS is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects IIS 7.5 on Windows 7...

8.1AI score
Exploits0References1Affected Software4
Symantec
Symantec
•added 2013/12/10 12:0 a.m.•346 views

Microsoft Windows CVE-2013-3900 Remote Code Execution Vulnerability

Description Microsoft Windows Authenticode Signature Verification is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting victim to run or install a specially modified signed Portable Executable PE file. Successful exploits can allow attacke...

7.6CVSS8.2AI score0.44647EPSS
Exploits1Affected Software14
Symantec
Symantec
•added 2016/12/13 8:0 a.m.•337 views

SA136 : OpenSSH Vulnerabilities

SUMMARY Blue Coat products using affected versions of OpenSSH are susceptible to several vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to enumerate existing user accounts and cause denial of service through excessive CPU consumption...

7.8CVSS1.7AI score0.88944EPSS
Exploits17Affected Software12
Symantec
Symantec
•added 2020/04/21 8:41 p.m.•334 views

OpenSSH Vulnerabilities Jan-Oct 2019

Summary Symantec SWG products using affected versions of OpenSSH are susceptible to multiple vulnerabilities. A malicious SCP server or SCP man-in-the-middle MITM attacker can modify state on the SCP client host. A local attacker can cause denial of service through OpenSSH application crashes...

10CVSS1.7AI score0.58204EPSS
Exploits11Affected Software5
Symantec
Symantec
•added 2019/06/11 12:0 a.m.•328 views

Microsoft Windows Task Scheduler CVE-2019-1069 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...

2.3AI score0.06117EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2019/01/26 12:0 a.m.•326 views

LibGD CVE-2019-6977 Heap Buffer Overflow Vulnerability

Description LibGD is prone to a heap-based buffer-overflow vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. LibGD 2.2.5 is...

6.8CVSS0.65116EPSS
Exploits7References5Affected Software2
Symantec
Symantec
•added 2019/09/24 12:0 a.m.•325 views

Apple Safari APPLE-SA-2019-9-26-9 Multiple security Vulnerabilities

Description Apple Safari is prone to is prone to multiple security vulnerabilities. An attacker may exploit these issues to carry out phishing-style attacks or to obtain sensitive information that may aid in further attacks. Technologies Affected Apple Safari 1.0.0 Apple Safari 1.0.0 Apple Safari...

0.1AI score
Exploits0References3Affected Software2
Symantec
Symantec
•added 2017/03/14 12:0 a.m.•309 views

Microsoft Windows SMB Server CVE-2017-0147 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...

4.3CVSS7.3AI score0.99693EPSS
Exploits22References4Affected Software6
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•305 views

SQLite CVE-2019-8457 Out of Bounds Read Heap Buffer Overflow Vulnerability

Description SQLite is prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue to crash the application, resulting in a denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed...

7.5CVSS9.6AI score0.45426EPSS
Exploits0References4Affected Software3
Symantec
Symantec
•added 2016/12/13 12:0 a.m.•303 views

Microsoft Office CVE-2016-7262 Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Exc...

6.8CVSS1AI score0.58204EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/10/03 12:0 a.m.•302 views

EMC RSA BSAFE Crypto-C Micro and Micro Edition Suite Multiple Security Vulnerabilities

Description EMC RSA BSAFE Crypto-C Micro and Micro Edition Suite are prone to the following security vulnerabilities: 1. Multiple information disclosure vulnerabilities 2. A denial-of-service vulnerability 3. A heap buffer overflow vulnerability An attacker can exploit these issues to gain...

0.2AI score
Exploits0References1
Symantec
Symantec
•added 2019/07/09 12:0 a.m.•298 views

Microsoft SQL Server CVE-2019-1068 Remote Code Execution Vulnerability

Description Microsoft SQL Server is prone to a remote code-execution vulnerability. Successful exploits can allow attackers to execute arbitrary code within the context of the SQL Server Database Engine service account. Failed exploit attempts may result in a denial-of-service condition...

1AI score0.44665EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2017/06/13 12:0 a.m.•297 views

Microsoft Internet Explorer and Edge CVE-2017-8529 Information Disclosure Vulnerability

Description Microsoft Internet Explorer and Edge are prone to an information disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits will allow attackers to obtain sensitive information that may aid in...

4.3CVSS6.5AI score0.14265EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2017/09/12 12:0 a.m.•296 views

Microsoft Windows .NET Framework CVE-2017-8759 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Technologies Affected Microsoft...

9.3CVSS0.88698EPSS
Exploits14References2
Symantec
Symantec
•added 2004/03/09 12:0 a.m.•296 views

Microsoft Outlook Mailto Parameter Quoting Zone Bypass Vulnerability

Description Microsoft Outlook is prone to a vulnerability that may permit execution of arbitrary code on client systems. This issue is exposed through Outlook, but will reportedly cause Internet Explorer to load malicious content in the Local Zone. This is related to how mailto URIs are handled b...

7.2AI score
Exploits0References3Affected Software1
Symantec
Symantec
•added 2017/10/10 12:0 a.m.•293 views

Microsoft Office Outlook CVE-2017-11774 Security Bypass Vulnerability

Description Microsoft Office Outlook is prone to a security-bypass vulnerability because it fails to properly handle input. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary commands in the context of the affected application; this may aid in...

6.8CVSS0.9AI score0.59893EPSS
Exploits2References1Affected Software1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•286 views

Microsoft Windows DirectX CVE-2018-8486 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...

0.3AI score0.01682EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2021/06/21 4:51 p.m.•285 views

Symantec Security Update

Symantec Endpoint Protection, Data Center Security and Cloud Workload Protection Security Update Summary Symantec - A Division of Broadcom has released updates to address issues that were discovered in the Symantec Endpoint Protection Manager SEPM, Symantec Endpoint Protection SEP, Data Center...

1.4AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2017/07/05 8:0 a.m.•285 views

SA151: ImageMagick RCE Vulnerability (ImageTragick)

SUMMARY Symantec Network Protection products using affected versions of ImageMagick are susceptible to the ImageTragick security vulnerability. A remote attacker can send crafted images and execute arbitrary code on the target. AFFECTED PRODUCTS The following products are vulnerable: Security...

10CVSS1AI score0.97485EPSS
Exploits11Affected Software1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•283 views

Microsoft Windows Kernel CVE-2018-8330 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

1.3AI score0.02541EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2017/06/13 12:0 a.m.•282 views

Microsoft SharePoint CVE-2017-8514 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

3.5CVSS6AI score0.03026EPSS
Exploits1References1Affected Software1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•281 views

Microsoft Windows NTFS CVE-2018-8411 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run processes with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Syste...

2.1AI score0.0307EPSS
Exploits2Affected Software3
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•281 views

Microsoft SharePoint Server CVE-2018-8498 Remote Privilege Escalation Vulnerability

Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...

0.3AI score0.02266EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2017/05/09 12:0 a.m.•279 views

Microsoft Windows COM CVE-2017-0213 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code within the context of the application. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...

1.9CVSS2.8AI score0.84138EPSS
Exploits13Affected Software3
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•277 views

Microsoft Windows Subsystem for Linux CVE-2018-8329 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based...

3.7AI score0.01177EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/12/18 12:0 a.m.•276 views

Apache Log4j CVE-2019-17571 Deserialization Remote Code Execution Vulnerability

Description Apache Log4j is prone to remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Apache Log4j versions through 1.2.17 are...

1.1AI score0.6906EPSS
Exploits3References4Affected Software2
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•276 views

Microsoft SQL Server Management Studio CVE-2018-8533 Information Disclosure Vulnerability

Description Microsoft SQL Server Management Studio is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server Management Studio 17.9 Microsoft SQL Server...

5.4AI score0.23373EPSS
Exploits5Affected Software1
Symantec
Symantec
•added 2014/08/12 12:0 a.m.•275 views

Microsoft Internet Explorer CVE-2014-2811 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...

9.3CVSS0.4AI score0.16463EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•273 views

Microsoft Edge Chakra Scripting Engine CVE-2018-8510 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

0.6AI score0.14607EPSS
Exploits0References1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•272 views

Microsoft Internet Explorer CVE-2018-8491 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 11 is are vulnerable...

0.2AI score0.13131EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•272 views

Microsoft Internet Explorer CVE-2018-8460 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 11 is vulnerable...

0.2AI score0.19165EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/10/03 12:0 a.m.•270 views

Multiple Cisco Products CVE-2019-12700 Denial of Service Vulnerability

Description Multiple Cisco Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the resource exhaustion and reload the affected device, denying service to legitimate users. This issue is being tracked by Cisco bug IDs CSCvm92401, CSCvn83385...

1.3AI score0.01879EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•269 views

Microsoft SharePoint Server CVE-2018-8488 Remote Privilege Escalation Vulnerability

Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...

0.3AI score0.02266EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•269 views

Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8453 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...

2.9AI score0.69833EPSS
Exploits9Affected Software3
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•267 views

Microsoft ChakraCore Scripting Engine CVE-2018-8500 Remote Memory Corruption Vulnerability

Description Microsoft ChakraCore Scripting Engine is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsof...

0.5AI score0.1847EPSS
Exploits0References1
Symantec
Symantec
•added 2019/02/12 12:0 a.m.•264 views

Microsoft Windows SMB Server CVE-2019-0630 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...

0.6AI score0.17843EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2017/10/10 12:0 a.m.•261 views

Microsoft Office CVE-2017-11826 Memory Corruption Vulnerability

Description Microsoft Office is prone to a memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

9.3CVSS0.6AI score0.81627EPSS
Exploits3Affected Software4
Symantec
Symantec
•added 2020/01/07 12:0 a.m.•260 views

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities

Description Mozilla Firefox and Firefox ESR are prone to multiple security vulnerabilities. Attackers can exploit these issues to cause denial-of-service conditions, obtain sensitive information and bypass certain security restrictions and perform unauthorized actions. This may aid in further...

0.7AI score
Exploits0References1Affected Software3
Symantec
Symantec
•added 2019/07/09 12:0 a.m.•260 views

Microsoft Windows WCF/WIF SAML Token CVE-2019-1006 Authentication Bypass Vulnerability

Description Microsoft Windows is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and gain unauthorized access. This may lead to further attacks. Technologies Affected Microsoft .NET Framework 2.0 SP2 Microsoft .NET Framewo...

1.1AI score0.06024EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2019/08/13 12:0 a.m.•255 views

Microsoft Windows Remote Desktop Services CVE-2019-1226 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected system. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 Version 1803 for...

10CVSS2.8AI score0.07586EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2014/09/24 12:0 a.m.•255 views

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability

Description GNU Bash is prone to remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Advantech EKI-1320 1.98...

10CVSS1.5AI score0.99999EPSS
Exploits139References36Affected Software319
Symantec
Symantec
•added 2018/01/03 12:0 a.m.•254 views

Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability

Description Multiple CPU Hardware are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Apple Mac Os X 10.11.6 Apple iOS 11.2 Apple macOS 10.12.6 Apple macOS 10.13.2 Apple tvOS...

4.7CVSS5.9AI score0.93838EPSS
Exploits12References6Affected Software54
Symantec
Symantec
•added 2015/07/14 12:0 a.m.•247 views

Microsoft SQL Server CVE-2015-1762 Remote Code Execution Vulnerability

Description Microsoft SQL Server is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial-of-service condition; this can result in the attacker gaining...

7.1CVSS0.10359EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2019/02/12 12:0 a.m.•246 views

Microsoft Windows DHCP Server CVE-2019-0626 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the system account. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Windows ...

1AI score0.68294EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2003/07/03 12:0 a.m.•246 views

CCBill WhereAmI.CGI Remote Arbitrary Command Execution Vulnerability

Description It has been reported that whereami.cgi distributed by CCBill does not properly handle some types of input. Because of this, an attacker may be able to gain access to a system with the privileges of the web server process. Technologies Affected CCBill whereami.cgi Recommendations Block...

1.4AI score
Exploits0References1
Symantec
Symantec
•added 2018/04/10 12:0 a.m.•245 views

Microsoft Visual Studio CVE-2018-1037 Information Disclosure Vulnerability

Description Microsoft Visual Studio is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Visual Studio 2010 SP1 Microsoft Visual Studio 2012 Update 4 Microsoft Visual...

4.5AI score0.05881EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2021/03/16 7:59 p.m.•244 views

Apache Tomcat Vulnerabilities May 2020 - Mar 2021

Summary Symantec Network and Information Security NIS products using affected versions of Apache Tomcat may be susceptible to multiple vulnerabilities. A remote attacker may be able to execute arbitrary code on the target server, observe HTTP responses for other users' requests, obtain JSP source...

5CVSS1.9AI score0.87553EPSS
Exploits16Affected Software1
Symantec
Symantec
•added 2018/12/05 12:0 a.m.•237 views

Adobe Flash Player CVE-2018-15982 Use After Free Remote Code Execution Vulnerability

Description Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition...

1.4AI score0.81844EPSS
Exploits13Affected Software5
Total number of security vulnerabilities5000