Lucene search
K
SymantecMost viewed

6867 matches found

Symantec
Symantec
•added 2007/01/09 12:0 a.m.•33 views

Microsoft Office Brazilian Portuguese Grammar Checker Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. This issue occurs when the application processes certain Office files. Note that this issue may not be exploited automatically through email. For an attack to succeed, a victim must manually open an attachment sent by...

8.2AI score
Exploits0References1Affected Software16
Symantec
Symantec
•added 2006/02/01 8:0 a.m.•33 views

Symantec Sygate Management Server: SMS Authentication Servlet SQL Injection

SUMMARY A SQL injection vulnerability in Symantec's Sygate Management Server SMS version 4.1, build 1417 and earlier could potentially allow a remote or local attacker to gain administrative privileges to the SMS server. Risk Impact High Remote Access | Yes ---|--- Local Access | Yes Authenticati...

7.5CVSS7.2AI score0.0276EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2001/02/13 12:0 a.m.•33 views

Microsoft Windows NT PPTP DoS Vulnerability

Description A remote attacker could cause a denial of service condition in Windows NT. Submitting multiple maliciously crafted packets to the PPTP services will cause the consumption of all available system resources. Technologies Affected Microsoft Windows NT 4.0 Microsoft Windows NT Enterprise...

7.1AI score
Exploits0References2Affected Software5
Symantec
Symantec
•added 1997/01/06 12:0 a.m.•33 views

OReilly WebSite 1.x/2.0 win-c-sample.exe Buffer Overflow Vulnerability

Description O'Reilly WebSite Pro is a Windows 95/NT Web Server package. Versions 2.0 and below contained a vulnerable sample script, win-c-sample.exe, placed by default in /cgi-shl/ off the web root directory. This program is vulnerable to a buffer overflow, allowing for execution of arbitrary...

2.1AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•32 views

Oracle Banking Payments cpujan2020 Multiple Security Vulnerabilities

Description Oracle Banking Payments is prone to multiple security vulnerabilities. The vulnerability can be exploited over the 'HTTP' protocol. The 'Payments Core' component is affected. These vulnerabilities affect the following supported versions: 14.1.0 through 14.3.0 Technologies Affected...

0.8AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/12/26 12:0 a.m.•32 views

GitLab CVE-2018-20492 Access Bypass Vulnerability

Description GitLab is prone to an access-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. GitLab versions prior to 11.4.13, 11.5.x prior to 11.5.6, and 11.6.x prior to 11.6...

1.1AI score0.0088EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/12/24 12:0 a.m.•32 views

D-Link DIR-601 CVE-2019-16327 Authentication Bypass Vulnerability

Description D-Link DIR-601 is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. D-Link DIR-601 Router 2.00NA is vulnerable; other versions may also be affected...

1.9AI score0.01805EPSS
Exploits1References2Affected Software1
Symantec
Symantec
•added 2019/12/19 12:0 a.m.•32 views

Wecon PLC Editor CVE-2019-18236 Multiple Stack Based Buffer Overflow Vulnerabilities

...

3.2AI score0.02791EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/12/17 12:0 a.m.•32 views

Multiple Jenkins Plugins Multiple Security Vulnerabilities

Description Jenkins plugins are prone to the following vulnerabilities: 1. Multiple information-disclosure vulnerabilities. 2. Multiple cross-site request forgery vulnerabilities. 3. Multiple HTML-injection vulnerabilities. 4. An XML External Entity injection vulnerability An attacker may...

0.2AI score
Exploits0References1Affected Software17
Symantec
Symantec
•added 2019/12/17 12:0 a.m.•32 views

TYPO3 CVE-2019-19849 Multiple Remote Code Execution Vulnerabilities

Description TYPO3 is prone to multiple remote code-execution vulnerabilities. Successfully exploiting these issues allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Versions prior to TYPO3 8.7.30,...

2.4AI score0.01267EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/12/16 12:0 a.m.•32 views

Atlassian Crowd CVE-2017-18107 Cross Site Request Forgery Vulnerability

Description Atlassian Crowd is prone to a cross-site request-forgery vulnerability because it fails to properly validate HTTP requests. Exploiting this issue allows a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also...

0.1AI score0.00449EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•32 views

Microsoft Windows Printer Service CVE-2019-1477 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version...

4.1AI score0.01004EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•32 views

Apple iOS/tvOS/iPadOS/watchOS/macOS CVE-2019-8848 Privilege Escalation Vulnerability

Description Apple iOS/tvOS/iPadOS/watchOS/macOS are prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on an affected system. Technologies Affected Apple Ipad Mini- Apple TV Apple Watch Apple iOS 10 Apple iOS 10.0.1 Apple iOS 10.1 Apple i...

0.1AI score0.01EPSS
Exploits0References3Affected Software5
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•32 views

Microsoft Git for Visual Studio CVE-2019-1350 Remote Code Execution Vulnerability

Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

0.25666EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•32 views

SAP Adaptive Server Enterprise CVE-2019-0402 Information Disclosure Vulnerability

Description SAP Adaptive Server Enterprise is prone to an unspecified information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. SAP Adaptive Server Enterprise versions 15.7 and 16.0 are vulnerable. Technologies Affecte...

0.7AI score0.00419EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•32 views

Microsoft Windows Media Player CVE-2019-1480 Information Disclosure Vulnerability

Description Microsoft Windows Media Player is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for...

4.9AI score0.05443EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•32 views

Multiple Intel Processors CVE-2019-11157 Multiple Security Vulnerabilities

Description Multiple Intel Processors are prone to multiple security vulnerabilities. A local attacker can leverage these issues to obtain sensitive information and gain elevated privileges. This may aid in further attacks. Technologies Affected Intel 6th generation Core processors Intel 7th...

2.7AI score0.00676EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/27 12:0 a.m.•32 views

F5 BIG-IP Traffic Management Microkernel CVE-2019-6667 Denial of Service Vulnerability

Description F5 BIG-IP is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the resource exhaustion resulting in a denial-of-service condition. Technologies Affected F5 BIG-IP AAM 11.5.1 F5 BIG-IP AAM 11.6.0 F5 BIG-IP AAM 11.6.5 F5 BIG-IP AAM 12.1.0 F5...

0.8AI score0.01014EPSS
Exploits0References1Affected Software14
Symantec
Symantec
•added 2019/11/25 12:0 a.m.•32 views

Multiple QNAP Products NAS-201911-25 Multiple Security Vulnerabilities

Description Multiple QNAP products are prone to multiple security vulnerabilities. An attacker can exploit these issues to gain unauthorized access to the affected device, inject and execute arbitrary code and read or write arbitrary files on the device. Technologies Affected Qnap Photo Station...

1.1AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/11/20 12:0 a.m.•32 views

Cisco DNA Spaces: Connector CVE-2019-15995 SQL Injection Vulnerability

Description Cisco DNA Spaces: Connector is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent...

1.2AI score0.0115EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/18 12:0 a.m.•32 views

Moodle CVE-2019-14884 Cross Site Scripting Vulnerability

Description Moodle is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attack...

7AI score0.00909EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/11/18 12:0 a.m.•32 views

Apache Shiro CVE-2019-12422 Information Disclosure Vulnerability

Description Apache Shiro is prone to an information-disclosure vulnerability. Successfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks. Versions prior to Apache Shiro 1.4.2 are vulnerable. Technologies Affected Apache Apache Shiro...

5CVSS2.1AI score0.09101EPSS
Exploits0References6Affected Software1
Symantec
Symantec
•added 2019/11/15 12:0 a.m.•32 views

Lexmark Services Monitor CVE-2019-16758 Directory Traversal Vulnerability

Description Lexmark Services Monitor is prone to a directory-traversal vulnerability. Remote attackers may use a specially crafted request with directory-traversal sequences '../' to retrieve sensitive information. This may aid in further attacks. Lexmark Services Monitor 2.27.4.0.39 is vulnerabl...

1.3AI score0.16765EPSS
Exploits4References2Affected Software1
Symantec
Symantec
•added 2019/11/15 12:0 a.m.•32 views

Multiple F5 BIG-IP Products CVE-2019-6662 Multiple Information Disclosure Vulnerabilities

Description Multiple F5 BIG-IP Products are prone to multiple information-disclosure vulnerabilities. Successfully exploiting these issues may allow attackers to obtain sensitive information. This may lead to other attacks. Technologies Affected F5 BIG-IP AAM 13.1.0 F5 BIG-IP AAM 13.1.1 F5 BIG-IP...

4CVSS1.3AI score0.00859EPSS
Exploits0References1Affected Software13
Symantec
Symantec
•added 2019/11/14 12:0 a.m.•32 views

Siemens SIMATIC S7-1200 CVE-2019-13945 Local Unauthorized Access Vulnerability

...

3.2AI score0.00532EPSS
Exploits0
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•32 views

Adobe Media Encoder CVE-2019-8246 Out of Bounds Arbitrary Code Execution Vulnerability

Description Adobe Media Encoder is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe...

1AI score0.04582EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•32 views

Microsoft Windows CVE-2019-1423 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges and execute arbitrary code. Technologies Affected Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for...

3.6AI score0.01333EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/11/11 12:0 a.m.•32 views

Envoy CVE-2019-18836 Remote Denial of Service Vulnerability

Description Envoy is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause denial of service conditions. Technologies Affected Envoy Envoy 1.12.0 Istio Istio 1.3.0 Istio Istio 1.3.1 Istio Istio 1.3.2 Istio Istio 1.3.3 Recommendations Block external access ...

5CVSS1.8AI score0.01938EPSS
Exploits1References3Affected Software2
Symantec
Symantec
•added 2019/11/06 12:0 a.m.•32 views

Cisco Web Security Appliance CVE-2019-15956 Unauthorized Access Vulnerability

Description Cisco Web Security Appliance is prone to an unauthorized-access vulnerability. Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvp51493. Technologies Affected...

1.8AI score0.00981EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/23 12:0 a.m.•32 views

Multiple IBM Products CVE-2019-4395 Local Information Disclosure Vulnerability

Description Multiple IBM products are prone to a local information-disclosure vulnerability. Exploiting this issue may allow a local attacker to obtain sensitive information that may aid in further attacks. Technologies Affected IBM Cloud Orchestrator 2.4 IBM Cloud Orchestrator 2.4.0.1 IBM Cloud...

2.1CVSS1.2AI score0.00307EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•32 views

ISC BIND CVE-2019-6476 Remote Denial of Service Vulnerability

Description ISC BIND is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. ISC BIND 9.14.0 through 9.14.6, and 9.15.0 through 9.15.4 are vulnerable. Technologies Affected ISC Bind 9.14.0 ISC Bind 9.14.1 ISC Bind 9.14.2 ISC...

5CVSS1AI score0.02883EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•32 views

Cisco Aironet Access Points CVE-2019-15265 Denial of Service Vulnerability

Description Cisco Aironet Access Points are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCvn80147. Technologies Affected Cisco Aironet 1540 Series Access Points Cisco Aironet 15...

1.8AI score0.00318EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•32 views

Cisco SPA100 Series Analog Telephone Adapters CVE-2019-12704 Information Disclosure Vulnerability

Description Cisco SPA100 Series Analog Telephone Adapters are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvq50503. Technologies Affected...

4CVSS1.7AI score0.01565EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•32 views

Sonatype Nexus Repository Manager CVE-2019-15588 OS Command Injection Vulnerability

Description Sonatype Nexus Repository Manager is prone to an OS command-injection vulnerability. An attacker may exploit this issue to inject and execute arbitrary commands within the context of the affected application; this may aid in further attacks. Versions prior to Nexus Repository Manager...

9CVSS0.5AI score0.18396EPSS
Exploits5References3Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•32 views

Oracle E-Business Suite CVE-2019-2994 Remote Security Vulnerability

Description Oracle E-Business Suite is prone to a remote security vulnerability in the Oracle Marketing. This vulnerability can be exploited over the 'HTTP' protocol. The 'Marketing Administration' component is affected. This vulnerability affect the following supported versions: 12.1.1 through...

1.1AI score0.01494EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•32 views

Oracle E-Business Suite CVE-2019-3024 Remote Security Vulnerability

Description Oracle E-Business Suite is prone to a remote security vulnerability in Oracle Installed Base. The vulnerability can be exploited over the 'HTTP' protocol. The 'Engineering Change Order' component is affected. This vulnerability affects the following supported versions: 12.2.3 through...

0.9AI score0.01072EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•32 views

Oracle MySQL Server Cpuoct2019 Multiple Security Vulnerabilities

Description Oracle MySQL Server is prone to multiple security vulnerabilities. These vulnerabilities can be exploited over 'MySQL Protocol' protocol. The 'Server: C API', 'Server: Optimizer', 'Server: Parser', 'InnoDB', 'Server: Security: Encryption', and 'Server: Connection' components are...

1.4AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•32 views

Adobe Acrobat and Reader CVE-2019-8226 Information Disclosure Vulnerability

Description Adobe Acrobat and Reader are prone to information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Adobe Acrobat DC 2015.006.30060 Adobe Acrobat DC 2015.006.30094 Adobe Acrobat D...

8.8AI score0.02893EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/10/09 12:0 a.m.•32 views

Juniper Junos CVE-2019-0061 Local Privilege Escalation Vulnerability

Description Juniper Junos is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. The following versions of Juniper Junos are affected: Junper Junos 15.1X49 versions prior to 15.1X49-D171 and 15.1X49-D180 Junper Junos 15.1X53...

2.2AI score0.00356EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/10/09 12:0 a.m.•32 views

Juniper Junos CVE-2019-0054 Certificate Validation Security Weakness

Description Juniper Junos is prone to a security weakness. An attacker can exploit this issue to perform man-in-the-middle attacks and perform certain unauthorized actions, which will aid in further attacks. Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D120 are vulnerable...

0.6AI score0.00587EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/09 12:0 a.m.•32 views

Juniper Junos CVE-2019-0066 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 15.1 Juniper Junos 15.1A2 Juniper Junos 15.1F1 Juniper Junos 15.1F2 Juniper Junos 15.1F2-S14 Juniper Junos...

0.4AI score0.01361EPSS
Exploits0References3Affected Software1
Symantec
Symantec
•added 2019/10/08 12:0 a.m.•32 views

SAP Financial Consolidation Multiple Unspecified Security Vulnerabilities

Description SAP Financial Consolidation is prone to multiple unspecified security vulnerabilities. Limited information is currently available regarding these issues. We will update this BID as more information emerges. SAP Financial Consolidation versions 10.0 and 10.1 are vulnerable. Technologie...

1.3AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/08 12:0 a.m.•32 views

Microsoft Dynamics 365 CVE-2019-1375 Cross Site Scripting Vulnerability

Description Microsoft Dynamics 365 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

5.7AI score0.01456EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/10/08 12:0 a.m.•32 views

Siemens SIMATIC IT UADM CVE-2019-13929 Hardcoded Cryptographic Key Vulnerability

Description Siemens SIMATIC IT UADM is prone to a hard-coded cryptographic key vulnerability. An attacker can exploit this issue to gain unauthorized access to the vulnerable device and perform unauthorized actions. Versions prior to SIMATIC IT UADM 1.3 are vulnerable. Technologies Affected Sieme...

1.2AI score0.01273EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/07 12:0 a.m.•32 views

Redhat OpenShift Container Platform CVE-2019-14854 Information Disclosure Vulnerability

Description Redhat OpenShift Container Platform is prone to an information-disclosure vulnerability. Successful exploits may allow the attacker to obtain sensitive information. This may lead to other attacks. OpenShift Container Platform 4.1 and 4.2 are vulnerable. Technologies Affected Redhat...

0.7AI score0.00799EPSS
Exploits1References5Affected Software1
Symantec
Symantec
•added 2019/10/02 12:0 a.m.•32 views

Cisco Unified Communications Manager CVE-2019-12715 Cross Site Scripting Vulnerability

Description Cisco Unified Communications Manager is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

0.8AI score0.01057EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/02 12:0 a.m.•32 views

Multiple Cisco Products CVE-2019-15256 Denial of Service Vulnerability

Description Multiple Cisco Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a reload to the affected device; denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCvo11077. Technologies Affected Cisco Adaptive Securi...

1.6AI score0.01967EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/02 12:0 a.m.•32 views

Cisco Prime Infrastructure CVE-2019-12712 Cross Site Scripting Vulnerability

Description Cisco Prime Infrastructure is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

6.6AI score0.01057EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/09/10 12:0 a.m.•32 views

Microsoft .NET Core CVE-2019-1301 Denial of Service Vulnerability

Description Microsoft .NET Core is prone to a remote denial of service vulnerability. An attacker can exploit this issue to cause a denial of service condition. Technologies Affected Microsoft .NET Core 2.1 Microsoft .NET Core 2.2 Recommendations Block external access at the network boundary,...

1.1AI score0.0533EPSS
Exploits0
Symantec
Symantec
•added 2019/09/10 12:0 a.m.•32 views

Microsoft SharePoint CVE-2019-1257 Remote Code Execution Vulnerability

Description Microsoft SharePoint is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft SharePoint Enterprise Server 2016 Microsof...

0.8AI score0.11659EPSS
Exploits0Affected Software3
Total number of security vulnerabilities5000