Lucene search
K
SymantecMost viewed

6867 matches found

Symantec
Symantec
•added 2011/02/08 12:0 a.m.•35 views

Microsoft Internet Explorer CVE-2011-0035 Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

9.3CVSS7AI score0.19535EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•35 views

Microsoft Office TIFF Image Converter (CVE-2010-3949) Buffer Overflow Vulnerability

Description Microsoft Office is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document containing a specially crafted...

9.3CVSS1AI score0.25106EPSS
Exploits0
Symantec
Symantec
•added 2010/08/10 12:0 a.m.•35 views

Microsoft Windows CVE-2010-1896 User Input Validation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker may exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

7.2CVSS0.1AI score0.01418EPSS
Exploits1Affected Software9
Symantec
Symantec
•added 2010/06/08 12:0 a.m.•35 views

Microsoft Windows Media Decompression (CVE-2010-1879) Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability when handling compressed media files. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file. A successful exploit may allow arbitrary code to run in the context of the currently...

9.3CVSS0.20284EPSS
Exploits1Affected Software12
Symantec
Symantec
•added 2009/11/10 12:0 a.m.•35 views

Microsoft Excel Document Parsing Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

1AI score
Exploits0Affected Software2
Symantec
Symantec
•added 2009/08/26 8:0 a.m.•35 views

Symantec Altiris Deployment Solution Multiple Vulnerabilities

SUMMARY Symantecs Altiris Deployment Solution contains vulnerabilities that could potentially be leveraged for unauthorized file access or a denial of service on a client system, authentication bypass on the Server to local system-level access on a client system. AFFECTED PRODUCTS Product | Versi...

9.3CVSS0.7AI score0.03763EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2009/06/09 12:0 a.m.•35 views

Microsoft Internet Explorer (CVE-2009-1141) Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...

9.3CVSS7.2AI score0.27614EPSS
Exploits1References1Affected Software4
Symantec
Symantec
•added 2009/06/09 12:0 a.m.•35 views

Microsoft Internet Explorer Cached Content Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access local files or content from a browser window in another domain or security...

7.1CVSS5.9AI score0.24762EPSS
Exploits2References1Affected Software2
Symantec
Symantec
•added 2009/04/28 8:0 a.m.•35 views

Symantec Log Viewer JavaScript Injection Vulnerabilities

SUMMARY The Log Viewer feature in some Symantec products contains two parsing errors which could be exploited through Java script injection. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Norton 360 | 1.0 | Run LiveUpdate in Interactive Mode Norton Internet Security | 2005 through 200...

4.3CVSS0.1AI score0.02329EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2009/03/10 12:0 a.m.•35 views

Microsoft Windows DNS Server Incorrect Caching DNS Spoofing Vulnerability

Description The Microsoft Windows DNS Server is prone to a DNS-spoofing vulnerability because the software fails to cache responses to specially crafted DNS queries. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to...

Exploits0References1Affected Software3
Symantec
Symantec
•added 2009/03/10 12:0 a.m.•35 views

Microsoft Windows Invalid Pointer Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected...

7.8AI score
Exploits0Affected Software5
Symantec
Symantec
•added 2007/12/11 12:0 a.m.•35 views

Microsoft Windows Media Format Runtime ASF File Remote Code Execution Vulnerability

Description Windows Media Player is prone to a remote code-execution vulnerability because it fails to properly handle malformed media files. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application. Failed exploit...

0.4AI score
Exploits0References1Affected Software4
Symantec
Symantec
•added 2007/02/13 12:0 a.m.•35 views

Microsoft Antivirus Engine Integer Overflow Vulnerability

Description Microsoft Antivirus Engine is prone to an integer-overflow vulnerability when the application processes maliciously crafted files. This issue is currently being exploited via Portable Document Files PDF, but other Microsoft applications are also reported vulnerable. An attacker could...

7.7AI score
Exploits0References1Affected Software3
Symantec
Symantec
•added 2005/08/24 8:0 a.m.•35 views

Symantec AntiVirus Corporate Edition 9.0 and Symantec Client Security 2.0 Help File Elevation of Pri

SUMMARY The Symantec AntiVirus Corporate Edition HTML client help function uses HTML help, the Windows help interface, to provide support to the client user. A non-privileged client user can manipulate the help function to access files on the system with local SYSTEM privileges. Risk Impact Mediu...

10CVSS0.6AI score0.01694EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2005/07/12 12:0 a.m.•35 views

Microsoft Outlook Express Multiple Vulnerabilities

Description Microsoft has released an update to address various issues affecting Outlook Express 6.0 running on Windows XP. These issues may allow remote attackers to cause the client to crash or disclose sensitive information. Reportedly remote attackers may cause the client to crash by sending...

1.4AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2004/09/14 12:0 a.m.•35 views

Microsoft GDI+ Library JPEG Segment Length Integer Underflow Vulnerability

Description Microsoft Graphics Device Interface GDI+ JPEG handler is reported prone to an integer underflow vulnerability when handling JPEG format images. This issue presents itself due to a lack of sufficient sanity checks performed on certain JPEG data before this data employed as a bounds val...

7.6AI score
Exploits0References14Affected Software23
Symantec
Symantec
•added 2004/07/13 12:0 a.m.•35 views

Microsoft IIS 4 Redirect Remote Buffer Overflow Vulnerability

Description Microsoft IIS 4.0 is reported prone to a buffer overflow vulnerability when handling redirects. It is reported that an attacker may exploit this vulnerability by issuing a large request to an affected IIS Web server. An attacker may exploit this issue to execute arbitrary code in the...

0.6AI score
Exploits0References7Affected Software1
Symantec
Symantec
•added 2004/04/13 12:0 a.m.•35 views

Microsoft Windows Local Descriptor Table Local Privilege Escalation Vulnerability

Description Microsoft Windows Local Descriptor Table programming interface is prone to a privilege-escalation vulnerability. A local attacker may be able to create a malicious entry in the Local Descriptor Table. This entry may point into protected memory. Since this memory space is reserved for...

1AI score
Exploits0References2Affected Software5
Symantec
Symantec
•added 2004/02/10 12:0 a.m.•35 views

Microsoft Windows ASN.1 Library Bit String Processing Integer Handling Vulnerability

Description Microsoft ASN.1 handling library has been reported prone to an integer overflow vulnerability that may result in arbitrary heap-based memory corruption. The issue presents itself in the ASN.1 BER decoding/encoding routines. Exploitation of this issue will result in the corruption of...

8.1AI score
Exploits0References3Affected Software15
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•34 views

Adobe Experience Manager APSB20-01 Multiple Cross Site Scripting Vulnerabilities

Description Adobe Experience Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affecte...

7.4AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•34 views

Microsoft Windows Search Indexer CVE-2020-0630 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

1.4AI score0.00749EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•34 views

Oracle AutoVue CVE-2020-2592 Remote Security Vulnerability

Description Oracle AutoVue is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTP' protocol. The 'Security' sub component is affected. This vulnerability affects the following supported versions: 12.0.2 Technologies Affected Oracle AutoVue 12.0.2 Recommendation...

1.2AI score0.01331EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•34 views

Microsoft Windows Search Indexer CVE-2020-0629 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

1.4AI score0.00749EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2020/01/08 12:0 a.m.•34 views

Juniper Junos CVE-2020-1604 Security Bypass Vulnerability

Description Juniper Junos is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. The following products are affected: Juniper Junos 14.1X53 versions prior to...

0.7AI score0.00849EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/12/19 12:0 a.m.•34 views

Trend Micro Apex One and OfficeScan CVE-2019-19691 Information Disclosure Vulnerability

Description Trend Micro Apex One and OfficeScan are prone to an information-disclosure vulnerability. Remote attackers can exploit this issue to obtain sensitive information that may lead to further attacks. The following products are affected: Trend Micro Apex One 2019 Trend Micro OfficeScan XG...

0.1AI score0.01158EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/12/18 12:0 a.m.•34 views

Drupal Core SA-CORE-2019-011 Access Bypass Vulnerability

Description Drupal is prone to an access-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Drupal versions 8.7.x and 8.8.x are vulnerable. Technologies Affected Drupal Drupa...

2AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/12/11 12:0 a.m.•34 views

Xen CVE-2019-19577 Denial of Service Vulnerability

Description Xen is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Xen Xen version through 4.12.0 are vulnerable. Technologies Affected Citrix Hypervisor 8.0 Citrix XenServer 7.0 Citrix XenServer...

0.4AI score0.00503EPSS
Exploits0References1Affected Software3
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•34 views

Microsoft Visual Studio CVE-2019-1486 Spoofing Vulnerability

Description Microsoft Visual Studio is prone to an security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Visual...

0.2AI score0.01482EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•34 views

Microsoft Excel CVE-2019-1464 Information Disclosure Vulnerability

Description Microsoft Excel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2010 SP2 32-bit editions Microsoft Excel 2010 SP2 64-bit editions Microsoft Exce...

0.08123EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•34 views

Siemens SiNVR 3 SSA-761617 Multiple Security Vulnerabilities

Description Siemens SiNVR 3 is prone to the following security vulnerabilities: 1. Multiple information-disclosure vulnerabilities 2. Multiple authentication-bypass vulnerabilities 3. A directory-traversal vulnerability 4. A privilege-escalation vulnerability An attacker can exploit this issue...

1AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•34 views

Apple iOS/iPadOS/tvOS/watchOS CVE-2019-8836 Memory Corruption Vulnerability

Description Apple iOS, iPadOS, tvOS and watchOS are prone to a memory corruption vulnerability. An attacker can leverage this issue to execute arbitrary code with kernel privileges. Failed exploit attempts will likely result in denial-of-service conditions. This issue is fixed in: Apple iOS 13.3...

7.9AI score0.01297EPSS
Exploits0References3Affected Software5
Symantec
Symantec
•added 2019/11/25 12:0 a.m.•34 views

Siemens Polarion Multiple Cross Site Scripting and HTML Injection Vulnerabilities

Description Siemens Polarion is prone to multiple cross-site scripting vulnerabilities and an HTML-injection vulnerability. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based...

0.5AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/11/22 12:0 a.m.•34 views

IBM Spectrum Protect CVE-2019-4406 Local Denial of Service Vulnerability

Description IBM Spectrum Protect is prone to local denial-of-service vulnerability. Successful exploits will allow local attackers to cause a denial-of-service conditions. Technologies Affected IBM Spectrum Protect 7.1.0.0 IBM Spectrum Protect 7.1.6.6 IBM Spectrum Protect 7.1.6.7 IBM Spectrum...

1.7AI score0.003EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/11/20 12:0 a.m.•34 views

Cisco Webex Centers CVE-2019-15987 Information Disclosure Vulnerability

Description Cisco Webex Centers are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco Bug IDs CSCvq81213 and CSCvq81230. Cisco Webex Event Center, Cisco Webex...

1.5AI score0.01581EPSS
Exploits0References1
Symantec
Symantec
•added 2019/11/20 12:0 a.m.•34 views

McAfee Client Proxy CVE-2019-3654 Local Authentication Bypass Vulnerability

Description McAfee Client Proxy is prone to a local authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism. This may aid in further attacks. McAfee Client Proxy MCP versions prior to 3.0.0 are vulnerable. Technologies Affected McAfee Client...

2.1AI score0.00665EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•34 views

Microsoft Visual Studio CVE-2019-1425 Remote Privilege Escalation Vulnerability

Description Microsoft Visual Studio is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Visual Studio 2017 15.9 Microsoft Visual Studio 2019 16.0 Microsoft Visual Studio 2019 16.3 Recommendations...

0.1AI score0.03116EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•34 views

Adobe Animate CVE-2019-7960 DLL Loading Local Privilege Escalation Vulnerability

Description Adobe Animate is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Animate 19.2.1 and prior are vulnerable. Technologies Affected Adobe Animate 14.2.0.20 Adobe Animate 15.0.0.173 Adobe Animate 15.0.1.179 Adobe...

2.5AI score0.00777EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•34 views

Microsoft Windows Data Sharing Service CVE-2019-1379 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft...

3.4AI score0.00713EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•34 views

SAP Treasury and Risk Management CVE-2019-0384 Remote Authorization Bypass Vulnerability

Description SAP Treasury and Risk Management is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP EA-FINSERV 6.0 SAP EA-FINSERV 6.03 SAP EA-FINSE...

0.8AI score0.00887EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/11/08 12:0 a.m.•34 views

Fortinet FortiClient for macOS CVE-2019-15704 Local Information Disclosure Vulnerability

Description Fortinet FortiClient for macOS is prone to a local information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Versions prior to FortiClient for macOS 6.0.8 and 6.2.1 are vulnerable. Technologies...

0.8AI score0.00195EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/31 12:0 a.m.•34 views

Xen CVE-2019-18423 Denial of Service Vulnerability

Description Xen is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash hypervisor, denying service to legitimate users. Xen version 4.8 and later are vulnerable. Technologies Affected Xen Xen 4.10 Xen Xen 4.10.0 Xen Xen 4.10.1 Xen Xen 4.10.2 Xen Xen 4.11.0 Xen...

1.4AI score0.02059EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/31 12:0 a.m.•34 views

Xen CVE-2019-18420 Denial of Service Vulnerability

Description Xen is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Xen Xen version 4.6 and later are vulnerable. Technologies Affected Xen Xen 4.10 Xen Xen 4.10.0 Xen Xen 4.10.1 Xen Xen 4.10.2 Xen...

1.8AI score0.02522EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/23 12:0 a.m.•34 views

Multiple IBM Products CVE-2019-4394 Local Security Vulnerability

Description Multiple IBM Products are prone to a local security vulnerability. Successfully exploiting this issue will allow attackers to perform unauthorized actions; this may aid in launching further attacks. Technologies Affected IBM Cloud Orchestrator 2.4 IBM Cloud Orchestrator 2.4.0.1 IBM...

2.1CVSS1.2AI score0.00285EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•34 views

Cisco SPA100 Series Analog Telephone Adapters CVE-2019-12708 Information Disclosure Vulnerability

Description Cisco SPA100 Series Analog Telephone Adapters are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvq50520. Technologies Affected...

4CVSS1.7AI score0.01088EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•34 views

Golang Go CVE-2019-17596 Remote Denial of Service Vulnerability

Description Golang Go is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Versions prior to Go 1.13.2 and Go 1.12.11 are vulnerable. Technologies Affected golang Go 1.12.1 golang Go 1.12.10 golang Go 1.12.5 golang Go...

0.6AI score0.04693EPSS
Exploits1References4Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•34 views

Palo Alto Networks GlobalProtect Agent CVE-2019-17435 Local Privilege Escalation Vulnerability

Description Palo Alto Networks GlobalProtect Agent is prone to a local privilege-escalation vulnerability. Local attackers may exploit this issue to gain elevated privileges on the affected system. Versions prior to Palo Alto Networks GlobalProtect agent 4.1.13 and 5.0.4 for Windows platform are...

2.1AI score0.00294EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/09 12:0 a.m.•34 views

Juniper Junos CVE-2019-0060 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a process crash, denying service to legitimate users. The following versions of Juniper Junos are affected: Juniper Junos 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 are...

0.9AI score0.01348EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/10/09 12:0 a.m.•34 views

Juniper Junos CVE-2019-0068 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper Junos 12.3X48-D15 Juniper Junos 12.3X48-D20 Juniper Junos 12.3X48-D25...

0.4AI score0.01309EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/10/09 12:0 a.m.•34 views

QEMU CVE-2019-12067 Null Pointer Dereference Denial of Service Vulnerability

Description QEMU is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected QEMU QEMU Recommendations Block external access at the network boundary, unless external parties require service. If global access isn't...

0.8AI score0.00307EPSS
Exploits0References2
Symantec
Symantec
•added 2019/10/09 12:0 a.m.•34 views

Juniper Junos CVE-2019-0057 Local Authorization Bypass Vulnerability

Description Juniper Junos is prone to a local authorization-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Versions prior to Junos OS 18.2R1, and 18.2X75-D5 are vulnerable. Technologies Affected Juniper Junos 18.2...

1.7AI score0.00379EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities5000