Lucene search
K
SymantecMost viewed

6867 matches found

Symantec
Symantec
•added 2014/11/11 12:0 a.m.•36 views

Microsoft Windows Kernel TrueType Font Parsing CVE-2014-6317 Denial of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability that occurs in the Windows kernel. A remote attacker can exploit this issue to crash the Windows kernel, denying service to legitimate users. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microso...

7.1CVSS8.6AI score0.18428EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2014/09/09 12:0 a.m.•36 views

Microsoft .NET Framework CVE-2014-4072 Remote Denial of Service Vulnerability

Description Microsoft .NET Framework is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to degrade the performance of a .NET-enabled website, causing a denial of service condition. Technologies Affected Microsoft .NET Framework 1.1 SP1 Microsoft .NET Framewor...

5CVSS1.1AI score0.30942EPSS
Exploits0
Symantec
Symantec
•added 2014/05/27 12:0 a.m.•36 views

Castor Library CVE-2014-3004 XML External Entity Information Disclosure Vulnerability

...

4.3CVSS1.9AI score0.07794EPSS
Exploits3Affected Software5
Symantec
Symantec
•added 2014/05/13 12:0 a.m.•36 views

Microsoft Office Token Reuse CVE-2014-1808 Information Disclosure Vulnerability

Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2013 32-bit editions Microsoft Office 2013 64-bit editions Microsoft Office 20...

4.3CVSS8.4AI score0.10091EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2014/05/02 8:0 a.m.•36 views

Symantec Critical System Protection for Windows Default Policy Bypass

SUMMARY Symantec Critical System Protection SCSP, Windows version, default policy settings can be susceptible to policy bypass when installed on an out-of-the-box unpatched windows server. While this is not in any way a normal installation, it could permit unauthorized access to information store...

7.6CVSS0.1AI score0.02354EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2014/04/23 8:0 a.m.•36 views

Symantec Encryption Desktop Memory Access Violations

SUMMARY Symantecs Encryption Desktop is susceptible to memory access violations when attempting to parse specific malformed certificate files. This could result in a possible application crash if a malicious individual could entice an authorized user to successfully click on a malformed file...

2.6CVSS6.1AI score0.00717EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2014/04/08 12:0 a.m.•36 views

Microsoft Word File Processing CVE-2014-1758 Remote Stack Buffer Overflow Vulnerability

Description Microsoft Word is prone to a remote stack-based buffer-overflow vulnerability. Successful exploits will allow attackers to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...

9.3CVSS0.5AI score0.16695EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2014/03/11 12:0 a.m.•36 views

Microsoft Internet Explorer CVE-2014-0302 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

9.3CVSS0.2AI score0.20501EPSS
Exploits1Affected Software10
Symantec
Symantec
•added 2014/02/11 12:0 a.m.•36 views

Microsoft Forefront Protection for Exchange Server CVE-2014-0294 Remote Code Execution Vulnerability

Description Microsoft Forefront Protection for Exchange Server is prone to a remote code-execution vulnerability. Successful exploits will allow attackers to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service...

10CVSS0.8AI score0.20895EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2013/12/10 12:0 a.m.•36 views

Microsoft Exchange Server CVE-2013-5072 Cross Site Scripting Vulnerability

Description Microsoft Exchange Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

4.3CVSS6.3AI score0.08876EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2013/09/10 12:0 a.m.•36 views

Microsoft Word CVE-2013-3160 XML Files Handling Information Disclosure Vulnerability

Description Microsoft Word is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2003 SP1 Microsoft Office 2003 SP2 Microsoft Office 2003 SP3 Microsoft Office 20...

5CVSS5.6AI score0.24158EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2013/09/10 12:0 a.m.•36 views

Microsoft Access CVE-2013-3156 Memory Corruption Vulnerability

Description Microsoft Access is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Access 2007 SP3 Microsoft...

9.3CVSS0.5AI score0.20022EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2013/09/10 12:0 a.m.•36 views

Microsoft Outlook CVE-2013-3870 Remote Code Execution Vulnerability

Description Microsoft Outlook is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user, which can lead to a complete compromise of the affected computer. Technologies Affected Microsoft Office 20...

9.3CVSS0.5AI score0.18642EPSS
Exploits2Affected Software1
Symantec
Symantec
•added 2013/09/10 12:0 a.m.•36 views

Microsoft Windows Active Directory CVE-2013-3868 Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to cause the LDAP service to become non-responsive, resulting in denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura...

5CVSS0.8AI score0.38293EPSS
Exploits0Affected Software10
Symantec
Symantec
•added 2013/07/09 12:0 a.m.•36 views

Microsoft .NET Framework CVE-2013-3132 Remote Privilege Escalation Vulnerability

Description Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. An attacker can exploit this vulnerability to bypass certain Code Access Security CAS restrictions and gain elevated privileges. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya...

9.3CVSS0.3AI score0.21764EPSS
Exploits0Affected Software9
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•36 views

Microsoft Windows 'Win32k.sys' CVE-2013-1265 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01047EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•36 views

Microsoft Windows 'Win32k.sys' CVE-2013-1261 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01466EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•36 views

Microsoft Windows Kernel CVE-2013-1278 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause...

7.2CVSS0.6AI score0.00942EPSS
Exploits0Affected Software14
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•36 views

Microsoft Windows 'Win32k.sys' CVE-2013-1269 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01525EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2012/11/13 12:0 a.m.•36 views

Microsoft .NET Framework CVE-2012-4777 Remote Privilege Escalation Vulnerability

Description Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the application and obtain unauthorized access to the sensitive information. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilo...

9.3CVSS0.2AI score0.24755EPSS
Exploits1Affected Software9
Symantec
Symantec
•added 2012/07/10 12:0 a.m.•36 views

Microsoft Internet Explorer CVE-2012-1522 Cached Object Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Conferencing...

9.3CVSS0.7AI score0.20933EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•36 views

Microsoft Windows CVE-2012-1864 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS1.3AI score0.01577EPSS
Exploits0Affected Software4
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•36 views

Microsoft Internet Explorer CVE-2012-1880 'insertRow()' Method Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS7.1AI score0.24052EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/05/17 8:0 a.m.•36 views

Symantec Web Gateway Multiple Security Issues

SUMMARY Symantecs Web Gateway management GUI is susceptible to file include command injection/execution, file upload/execution and file download/deletion security issues. The management GUI is also susceptible to cross-site scripting XSS. Successful exploitation could result in execution of...

10CVSS0.1AI score0.72596EPSS
Exploits28Affected Software1
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•36 views

Microsoft Excel CVE-2012-1847 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.25099EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2012/04/17 12:0 a.m.•36 views

Oracle JRockit CVE-2012-1695 Remote Security Vulnerability

Description Oracle JRockit is prone to a remote security vulnerability. The vulnerability can be exploited over the 'Multiple' protocol. This vulnerability affects the following supported versions: 28.2.2 and before: JDK/JRE 5 and 6 27.7.1 and before: JKD/JRE 5 and 6 Technologies Affected Oracle...

10CVSS1.2AI score0.03819EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•36 views

Microsoft Internet Explorer CVE-2012-0169 JScript9 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencin...

9.3CVSS0.30421EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•36 views

Microsoft SharePoint Calendar CVE-2011-0653 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

4.3CVSS6.2AI score0.16912EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•36 views

Microsoft Windows NDISTAPI CVE-2011-1974 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS0.3AI score0.06983EPSS
Exploits4Affected Software1
Symantec
Symantec
•added 2011/07/12 12:0 a.m.•36 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1878) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01405EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/07/12 12:0 a.m.•36 views

Microsoft Windows CSRSS 'AllocConsole()' Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS0.1AI score0.02116EPSS
Exploits1References2Affected Software14
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•36 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1228) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01398EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•36 views

Microsoft VBScript and JScript Scripting Engines Information Disclosure Vulnerability

Description Microsoft VBScript and JScript scripting engines are prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Attackers can exploit this issue by enticing an unsuspecting user to...

0.3AI score
Exploits0Affected Software3
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•36 views

Microsoft Windows OpenType Font (OTF) Format Driver CVE-2010-2741 Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers may exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts...

7.2CVSS0.01792EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•36 views

Microsoft Windows OpenType Font (OTF) Format Driver CVE-2010-2740 Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers may exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts...

7.2CVSS0.01807EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•36 views

Microsoft Word (CVE-2010-3220) Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.7AI score0.19751EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•36 views

Microsoft Internet Explorer Uninitialized Memory CVE-2010-3328 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

9.3CVSS8.8AI score0.31932EPSS
Exploits1Affected Software5
Symantec
Symantec
•added 2009/09/22 8:0 a.m.•36 views

Symantec Altiris Deployment Solution and Notification Server Management Console FileDownload Vulnera

SUMMARY Symantecs Altiris Deployment Solution and Notification Server install a vulnerable ActiveX control. Exploitation of this issue could possibly lead to unauthorized information disclosure, system information corruption or potentially allow arbitrary code execution in the context of the user...

6.8CVSS0.2AI score0.42598EPSS
Exploits5Affected Software1
Symantec
Symantec
•added 2009/08/25 8:0 a.m.•36 views

Symantec Products Autonomy KeyView Module Vulnerability

SUMMARY Symantec products that ship a third-party Autonomy KeyView module have updated the module to address a vulnerability in the processing of Excel spreadsheets reported against the KeyView module. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symantec Mail Security...

9.3CVSS0.05718EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2009/02/10 12:0 a.m.•36 views

Microsoft Exchange Server EMSMDB2 MAPI Command Remote Denial of Service Vulnerability

Description Microsoft Exchange Server is prone to a remote denial-of-service vulnerability. A successful exploit allows a remote attacker to cause the application to stop responding, denying service to legitimate users. Technologies Affected Avaya Messaging Application Server Avaya Messaging...

0.2AI score
Exploits0References2Affected Software3
Symantec
Symantec
•added 2007/10/09 12:0 a.m.•36 views

Microsoft Internet Explorer Script Error Handling Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker may exploit this issue by enticing victims into viewing maliciously crafted HTML content. Successfully exploiting this issue allows arbitrary machine code to execute in the context of the affect...

Exploits0Affected Software5
Symantec
Symantec
•added 2007/06/12 12:0 a.m.•36 views

Microsoft Outlook Express Content Disposition Parsing Information Disclosure Vulnerability

Description Outlook Express is prone to a cross-domain information-disclosure vulnerability. This vulnerability may let a malicious website access properties of a site in an arbitrary external domain in the context of the victim's browser. Attackers could exploit this issue to access sensitive...

0.5AI score
Exploits0References2Affected Software1
Symantec
Symantec
•added 2020/04/09 9:15 p.m.•35 views

CSRF Token Information Disclosure in MC

Summary The Management Center MC web UI is susceptible to a CSRF token disclosure vulnerability. A remote attacker, who has access to an authenticated MC user's web browser history or a network device that intercepts/logs traffic to MC, can obtain CSRF tokens and use them to perform CSRF attacks...

4.3CVSS0.9AI score0.00705EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•35 views

Microsoft Windows Win32k CVE-2020-0642 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

1.9AI score0.01498EPSS
Exploits5Affected Software3
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•35 views

Microsoft OneDrive for Android CVE-2020-0654 Security Bypass Vulnerability

Description Microsoft OneDrive for Android is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in launching further attacks. Technologies Affected Microsoft OneDrive Recommendations...

0.7AI score0.03476EPSS
Exploits0
Symantec
Symantec
•added 2020/01/08 12:0 a.m.•35 views

Cisco Unified Customer Voice Portal CVE-2019-16017 Denial of Service Vulnerability

Description Cisco Unified Customer Voice Portal is prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCvp72741. Technologies Affected Cisco Unified...

1.2AI score0.00934EPSS
Exploits0References1
Symantec
Symantec
•added 2020/01/06 12:0 a.m.•35 views

Fortinet FortiAuthenticator CVE-2019-16154 Cross Site Scripting Vulnerability

Description Fortinet FortiAuthenticator is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

1AI score0.00698EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/12/18 12:0 a.m.•35 views

Rack CVE-2019-16782 Information Disclosure Vulnerability

Description Rack is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Rack Project Rack 0.1 Rack Project Rack 0.2 Rack Project Rack 0.3 Rack Project Rack 0.4 Rack Project Rack...

0.6AI score0.03687EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/12/14 12:0 a.m.•35 views

Ansible Tower CVE-2019-19341 Information Disclosure Vulnerability

Description Ansible Tower is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. That may aid in further attacks. Ansible Tower versions 3.6.1 and 3.5.3 are vulnerable; other versions may also be affected. Technologies Affected...

2.3AI score0.00312EPSS
Exploits0References3Affected Software1
Symantec
Symantec
•added 2019/12/04 12:0 a.m.•35 views

Wireshark CVE-2019-19553 Denial of Service Vulnerability

Description Wireshark is prone to a remote denial-of-service vulnerability because it fails to properly handle certain type of packets. An attacker can leverage this issue to crash the affected application, denying service to legitimate users. Wireshark versions 3.0.0 through 3.0.6 and 2.6.0...

0.3AI score0.04128EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities5000