Lucene search
K
SymantecMost viewed

6867 matches found

Symantec
Symantec
•added 2012/11/07 8:0 a.m.•33 views

Symantec Legacy Decomposer CAB File Issues

SUMMARY Symantec's legacy Decomposer engine fails to proper handle bounds checking when parsing files from some versions of CAB archives. This could result in the probability of an application crash in the majority of cases. A successfully crafted malicious CAB file could potentially result in...

9.3CVSS0.06045EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/06/15 8:0 a.m.•33 views

Symantec LiveUpdate Administrator 2.3 Insecure File Permissions

SUMMARY Symantec LiveUpdate Administrator 2.3 and prior install some files with insecure file permissions during a default installation. These files allow full control permission to everyone which could result in arbitrary command execution with elevated privileges on the system. AFFECTED PRODUCT...

6.9CVSS0.2AI score0.00347EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•33 views

Microsoft Internet Explorer CVE-2012-1875 Same ID Property Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS1AI score0.61655EPSS
Exploits11References1Affected Software1
Symantec
Symantec
•added 2012/05/22 8:0 a.m.•33 views

Symantec Endpoint Protection Multiple Issues

SUMMARY Specific versions of the Symantec Endpoint Protection Management Console in Symantec Endpoint Protection 11.x and Symantec Network Access Control 11.x are susceptible to a potential local access elevation of privilege. The Management Console in Symantec Endpoint Protection 12.1 is...

9.3CVSS1.4AI score0.04025EPSS
Exploits7Affected Software2
Symantec
Symantec
•added 2012/05/22 8:0 a.m.•33 views

Symantec Endpoint Protection Manager 11.x Denial of Service

SUMMARY Versions of Symantec Endpoint Protection Manager 11.0 running the Network Threat Protection module on Windows Server 2003 are susceptible to a Denial of ServiceDoS. Successful exploitation could potentially result in the system hosting Symantec Endpoint Protection Manager becoming...

5CVSS0.1AI score0.0287EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•33 views

Microsoft Excel Memory Corruption CVE-2012-0142 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

9.3CVSS0.2AI score0.21596EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2012/03/13 12:0 a.m.•33 views

Microsoft Windows DNS Server (CVE-2012-0006) Remote Denial of Service Vulnerability

Description The Microsoft Windows DNS Server is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the DNS server service to stop responding, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura...

5CVSS6.4AI score0.31083EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•33 views

Microsoft Internet Explorer CVE-2012-0010 Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because it fails to adequately validate user-supplied data during copy and paste operations. An attacker can exploit this issue to view content from a browser window in another domain or securi...

4.3CVSS6.1AI score0.14099EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•33 views

Microsoft Internet Explorer Virtual Function Table CVE-2011-2001 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS7AI score0.43125EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•33 views

Microsoft Internet Explorer Select Element CVE-2011-1999 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS7AI score0.27959EPSS
Exploits2References3Affected Software6
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•33 views

Microsoft Office Shared Component CVE-2011-1980 DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Office is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Libra...

9.3CVSS2.2AI score0.10383EPSS
Exploits0References4Affected Software1
Symantec
Symantec
•added 2011/07/12 12:0 a.m.•33 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1882) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01405EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/06/14 12:0 a.m.•33 views

Microsoft Excel Insufficient Record Validation CVE-2011-1272 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.2AI score0.17592EPSS
Exploits1Affected Software3
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•33 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0670) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01434EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•33 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0675) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01434EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•33 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0671) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01345EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•33 views

Microsoft Publisher (CVE-2010-3954) Memory Corruption Remote Code Execution Vulnerability

Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...

9.3CVSS7.3AI score0.20833EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•33 views

Microsoft Word Malformed Record Value (CVE-2010-3218) Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.6AI score0.23832EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2010/08/10 12:0 a.m.•33 views

Microsoft Internet Explorer Uninitialized Memory CVE-2010-2559 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

9.3CVSS0.1AI score0.2752EPSS
Exploits0Affected Software4
Symantec
Symantec
•added 2010/08/10 12:0 a.m.•33 views

Microsoft Windows CVE-2010-1895 User Pool Overflow Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker may exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

7.2CVSS7.2AI score0.01591EPSS
Exploits1Affected Software4
Symantec
Symantec
•added 2010/06/08 12:0 a.m.•33 views

Microsoft Internet Explorer 8 Developer Tools Remote Code Execution Vulnerability

Description Microsoft Internet Explorer 8 Developer Tools 'iedvtool.dll' ActiveX control is prone to a remote code-execution vulnerability that stems from a memory-corruption issue. An attacker can exploit this issue to execute arbitrary code in the context of the application, usually Internet...

8AI score
Exploits0References1Affected Software14
Symantec
Symantec
•added 2010/04/13 12:0 a.m.•33 views

Adobe Acrobat and Reader CVE-2010-1241 'CoolType.dll' Remote Code Execution Vulnerability

Description Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. The following products are...

9.3CVSS9.1AI score0.09208EPSS
Exploits1References2Affected Software13
Symantec
Symantec
•added 2009/12/08 12:0 a.m.•33 views

Microsoft Internet Explorer (CVE-2009-3671) Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...

9.3CVSS7.1AI score0.21038EPSS
Exploits1References2Affected Software4
Symantec
Symantec
•added 2009/06/09 12:0 a.m.•33 views

Microsoft Internet Explorer Cached Content Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access local files or content from a browser window in another domain or security...

7.1CVSS5.9AI score0.24762EPSS
Exploits2References1Affected Software2
Symantec
Symantec
•added 2009/04/23 8:0 a.m.•33 views

Symantec Brightmail Gateway and Mail Security Appliance Cross-site Scripting and Elevation of Privil

SUMMARY Symantec Brightmail Gateways Control Center is susceptible to cross-site scripting and elevation of privilege vulnerabilities. AFFECTED PRODUCTS Product | Version | Solutions ---|---|--- Symantec Brightmail Gateway Appliance 8300 | All prior to 8.0.1 | Upgrade to 8.0.1 or later Symantec...

9CVSS0.2AI score0.02206EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2008/10/14 12:0 a.m.•33 views

Microsoft Windows AFD Driver Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability in the Ancillary Function Driver 'afd.sys'. A successful exploit of this vulnerability will let a local attacker completely compromise an affected computer. Technologies Affected Microsoft Windows Server 2003...

0.2AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2008/03/11 12:0 a.m.•33 views

Microsoft Outlook Mailto URI Remote Code Execution Vulnerability

Description Microsoft Outlook is prone to a remote code-execution vulnerability because the application fails to adequately validate user-supplied data. Successfully exploiting this issue will allow attackers to execute arbitrary code with the privileges of the currently logged-in user. This will...

2.1AI score
Exploits0References2Affected Software1
Symantec
Symantec
•added 2007/12/11 12:0 a.m.•33 views

Microsoft Windows Media Format Runtime ASF File Remote Code Execution Vulnerability

Description Windows Media Player is prone to a remote code-execution vulnerability because it fails to properly handle malformed media files. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application. Failed exploit...

0.4AI score
Exploits0References1Affected Software4
Symantec
Symantec
•added 2007/09/05 8:0 a.m.•33 views

Symantec SYMTDI.SYS Device Driver Local Denial of Service

SUMMARY Some versions of Symantecs device driver SYMTDI.SYS contain a vulnerability which, if successfully exploited, could allow a local attacker to cause the system to crash. Risk Impact Low Remote Access | No ---|--- Local Access | Yes Authentication Required | Yes, to the local system Exploit...

1.9CVSS1.6AI score0.00864EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2007/06/26 8:0 a.m.•33 views

Symantec Mail Security for SMTP Executable Attachment Parsing Denial of Service

SUMMARY A denial of service has been discovered in Symantec Mail Security for SMTP when parsing Executable Attachments. Risk Impact Low Remote Access | Yes ---|--- Local Access | No Authentication Required | No Exploit publicly available | No AFFECTED PRODUCTS Products | Versions | Solution...

7.8CVSS0.8AI score0.04722EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2007/02/13 12:0 a.m.•33 views

Microsoft Antivirus Engine Integer Overflow Vulnerability

Description Microsoft Antivirus Engine is prone to an integer-overflow vulnerability when the application processes maliciously crafted files. This issue is currently being exploited via Portable Document Files PDF, but other Microsoft applications are also reported vulnerable. An attacker could...

7.7AI score
Exploits0References1Affected Software3
Symantec
Symantec
•added 2007/01/09 12:0 a.m.•33 views

Microsoft Office Brazilian Portuguese Grammar Checker Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. This issue occurs when the application processes certain Office files. Note that this issue may not be exploited automatically through email. For an attack to succeed, a victim must manually open an attachment sent by...

8.2AI score
Exploits0References1Affected Software16
Symantec
Symantec
•added 2006/02/01 8:0 a.m.•33 views

Symantec Sygate Management Server: SMS Authentication Servlet SQL Injection

SUMMARY A SQL injection vulnerability in Symantec's Sygate Management Server SMS version 4.1, build 1417 and earlier could potentially allow a remote or local attacker to gain administrative privileges to the SMS server. Risk Impact High Remote Access | Yes ---|--- Local Access | Yes Authenticati...

7.5CVSS7.2AI score0.0276EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2001/02/13 12:0 a.m.•33 views

Microsoft Windows NT PPTP DoS Vulnerability

Description A remote attacker could cause a denial of service condition in Windows NT. Submitting multiple maliciously crafted packets to the PPTP services will cause the consumption of all available system resources. Technologies Affected Microsoft Windows NT 4.0 Microsoft Windows NT Enterprise...

7.1AI score
Exploits0References2Affected Software5
Symantec
Symantec
•added 1997/01/06 12:0 a.m.•33 views

OReilly WebSite 1.x/2.0 win-c-sample.exe Buffer Overflow Vulnerability

Description O'Reilly WebSite Pro is a Windows 95/NT Web Server package. Versions 2.0 and below contained a vulnerable sample script, win-c-sample.exe, placed by default in /cgi-shl/ off the web root directory. This program is vulnerable to a buffer overflow, allowing for execution of arbitrary...

2.1AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•32 views

Oracle Banking Payments cpujan2020 Multiple Security Vulnerabilities

Description Oracle Banking Payments is prone to multiple security vulnerabilities. The vulnerability can be exploited over the 'HTTP' protocol. The 'Payments Core' component is affected. These vulnerabilities affect the following supported versions: 14.1.0 through 14.3.0 Technologies Affected...

0.8AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/12/24 12:0 a.m.•32 views

D-Link DIR-601 CVE-2019-16327 Authentication Bypass Vulnerability

Description D-Link DIR-601 is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. D-Link DIR-601 Router 2.00NA is vulnerable; other versions may also be affected...

1.9AI score0.01805EPSS
Exploits1References2Affected Software1
Symantec
Symantec
•added 2019/12/19 12:0 a.m.•32 views

Philips Veradius Unity, Pulsera, and Endura CVE-2019-18263 Denial of Service Vulnerability

Description Philips Veradius Unity, Pulsera, and Endura are prone to a denial-of-service vulnerability. An attacker can leverage this issue to cause denial-of-service condition. Technologies Affected Philips Endura Philips Pulsera Philips Veradius Unity Recommendations Block external access at th...

1.4AI score0.00195EPSS
Exploits0References1
Symantec
Symantec
•added 2019/12/19 12:0 a.m.•32 views

Wecon PLC Editor CVE-2019-18236 Multiple Stack Based Buffer Overflow Vulnerabilities

...

3.2AI score0.02791EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/12/18 12:0 a.m.•32 views

Sysstat CVE-2019-19725 Memory Corruption Vulnerability

Description Sysstat is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition. sysstat versions through 12.2.0 are vulnerable. Technologies...

7.5CVSS0.4AI score0.02762EPSS
Exploits1References4Affected Software1
Symantec
Symantec
•added 2019/12/17 12:0 a.m.•32 views

IBM API Connect CVE-2019-4609 Information Disclosure Vulnerability

Description IBM API Connect is prone to an information-disclosure vulnerability. Remote attackers can exploit this issue to obtain sensitive information that may lead to further attacks. IBM API Connect 2018.4.1.7 is vulnerable; other versions may also affected. Technologies Affected IBM API...

0.2AI score0.00792EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/12/17 12:0 a.m.•32 views

Multiple TIBCO Spotfire Products CVE-2019-17337 Cross Site Scripting Vulnerability

Description Multiple TIBCO Spotfire Products are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected sit...

0.2AI score0.00727EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/12/14 12:0 a.m.•32 views

Ansible Tower Multiple Security Vulnerabilities

Description Ansible Tower is prone to multiple security vulnerabilities. An attacker can exploit these issues to gain unauthorized access or obtain sensitive information. That may aid in further attacks. Ansible Tower versions 3.6.1 and 3.5.3 are vulnerable; other versions may also be affected...

1.8AI score0.01534EPSS
Exploits0References4Affected Software1
Symantec
Symantec
•added 2019/12/12 12:0 a.m.•32 views

Omron PLC CJ/CS/NJ Series CVE-2019-18261 Authentication Bypass Vulnerability

Description Omron PLC CJ, CS and NJ Series are prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and aid in brute-force attacks; other attacks may also be possible. The following products of Omron Programmable Logic...

1AI score0.01307EPSS
Exploits0References1
Symantec
Symantec
•added 2019/12/11 12:0 a.m.•32 views

Xen CVE-2019-19577 Denial of Service Vulnerability

Description Xen is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Xen Xen version through 4.12.0 are vulnerable. Technologies Affected Citrix Hypervisor 8.0 Citrix XenServer 7.0 Citrix XenServer...

0.4AI score0.00503EPSS
Exploits0References1Affected Software3
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•32 views

Apple iOS/iPadOS/tvOS/watchOS CVE-2019-8836 Memory Corruption Vulnerability

Description Apple iOS, iPadOS, tvOS and watchOS are prone to a memory corruption vulnerability. An attacker can leverage this issue to execute arbitrary code with kernel privileges. Failed exploit attempts will likely result in denial-of-service conditions. This issue is fixed in: Apple iOS 13.3...

7.9AI score0.01297EPSS
Exploits0References3Affected Software5
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•32 views

Apple iOS/tvOS/iPadOS/watchOS/macOS CVE-2019-8848 Privilege Escalation Vulnerability

Description Apple iOS/tvOS/iPadOS/watchOS/macOS are prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on an affected system. Technologies Affected Apple Ipad Mini- Apple TV Apple Watch Apple iOS 10 Apple iOS 10.0.1 Apple iOS 10.1 Apple i...

0.1AI score0.01EPSS
Exploits0References3Affected Software5
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•32 views

SAP Adaptive Server Enterprise CVE-2019-0402 Information Disclosure Vulnerability

Description SAP Adaptive Server Enterprise is prone to an unspecified information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. SAP Adaptive Server Enterprise versions 15.7 and 16.0 are vulnerable. Technologies Affecte...

0.7AI score0.00419EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•32 views

Adobe Acrobat and Reader CVE-2019-16444 Local Privilege Escalation Vulnerability

Description Adobe Acrobat and Reader are prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges and perform unauthorized actions. Technologies Affected Adobe Acrobat DC 2015.006.30060 Adobe Acrobat DC 2015.006.30094 Adobe Acrobat DC...

9.6AI score0.03194EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•32 views

Microsoft Windows Printer Service CVE-2019-1477 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version...

4.1AI score0.01004EPSS
Exploits0Affected Software2
Total number of security vulnerabilities5000