Lucene search
K
SymantecMost viewed

6867 matches found

Symantec
Symantec
•added 2020/01/14 12:0 a.m.•28 views

Oracle Database Server cpujan2020 Multiple Remote Security Vulnerabilities

Description Oracle Database Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over 'OracleNet' protocol. The 'Database Gateway for ODBC' component is affected. These vulnerabilities affect the following supported versions: 11.2.0.4, 12.1.0.2,...

1.4AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•28 views

Microsoft Windows Subsystem for Linux CVE-2020-0636 Local Privilege Escalation Vulnerability

Description Microsoft Windows Subsystem for Linux is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based...

2.7AI score0.0082EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2020/01/08 12:0 a.m.•28 views

Cisco Crosswork Change Automation CVE-2019-16024 Cross Site Scripting Vulnerability

Description Cisco Crosswork Change Automation is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

0.2AI score0.00801EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2020/01/08 12:0 a.m.•28 views

Cisco UCS Director CVE-2019-16003 Information Disclosure Vulnerability

Description Cisco UCS Director is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco bug ID CSCvr00602. Technologies Affected Cisco UCS Director 4.0.0.0 Cisco UC...

0.6AI score0.01221EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2020/01/06 2:17 p.m.•28 views

Symantec Endpoint Detection and Response XSS

SUMMARY Symantec has released an update to address an issue that was discovered in the Symantec Endpoint Detection and Response SEDR product. AFFECTED PRODUCTS Symantec Endpoint Detection and Response SEDR --- CVE | Affected Versions | Remediation CVE-2019-19547​ | Prior to 4.3.0 | Upgrade to 4.3...

4.3CVSS1.7AI score0.01379EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2019/12/19 12:0 a.m.•28 views

Multiple Dell EMC Products CVE-2019-18588 Cross Site Scripting Vulnerability

Description Multiple Dell EMC products are prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

6.5AI score0.00674EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/12/18 12:0 a.m.•28 views

PHP PEAR 'Archive_Tar' Multiple Security Vulnerabilities

Description PEAR ArchiveTar is prone to multiple security vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the application, obtain sensitive information, bypass certain security restrictions and perform unauthorized actions. PEAR ArchiveTar version...

0.1AI score
Exploits0References2Affected Software2
Symantec
Symantec
•added 2019/12/17 12:0 a.m.•28 views

Multiple TIBCO Spotfire Products CVE-2019-17336 Multiple Information Disclosure Vulnerabilities

Description Multiple TIBCO Spotfire Products are prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues to obtain sensitive information. That may aid in further attacks. The following products are affected: TIBCO Spotfire Analytics Platform for AWS...

0.7AI score0.00883EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/12/11 12:0 a.m.•28 views

Drupal Webform Module Multiple Security Vulnerabilities

Description Webform Module of Drupal is prone to the following multiple security vulnerabilities: 1. An arbitrary-file-overwrite vulnerability 2. A cross-site scripting vulnerability An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...

Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/12/11 12:0 a.m.•28 views

Xen CVE-2019-19582 Denial of Service Vulnerability

Description Xen is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Xen versions through 4.12.x are vulnerable. Technologies Affected Xen Xen 2.0 Xen Xen 3.0.2 Xen Xen 3.0.3 Xen Xen 3.0.4 Xen Xen 3...

0.7AI score0.00378EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/12/11 12:0 a.m.•28 views

Drupal Modal Page Module SA-CONTRIB-2019-094 Unauthorized Access Vulnerability

Description The modal page module for Drupal is prone to an unauthorized-access vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Drupal Modal Page versions 8.x-2.4, 8.x-2.3,...

1.9AI score
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/12/11 12:0 a.m.•28 views

Libsixel CVE-2019-20022 Denial of Service Vulnerability

Description Libsixel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the application; denying service to legitimate users. Libsixel versions prior to 1.8.3 are vulnerable. Technologies Affected Libsixel Libsixel 1.0.0 Libsixel Libsixel 1.1.0 Libsixel...

0.3AI score0.00933EPSS
Exploits1References2Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•28 views

Siemens SIMATIC Products CVE-2019-10929 Man in the Middle Security Bypass Vulnerability

Description Multiple Siemens SIMATIC Products are is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. The following Siemens products are affected: Siemens SIMATIC CP...

4.3CVSS0.6AI score0.00978EPSS
Exploits0References1Affected Software4
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•28 views

Apple iOS and iPadOS CVE-2019-8841 Arbitrary Code Execution Vulnerability

Description Apple iOS and iPadOS are prone to an arbitrary code execution vulnerability. A remote attacker can leverage this issue to execute arbitrary code with kernel privileges on the affected system. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected...

8AI score0.00397EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•28 views

Microsoft Access CVE-2019-1400 Information Disclosure Vulnerability

Description Microsoft Access is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2 Microsoft...

0.4AI score0.02158EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•28 views

Firecracker CVE-2019-18960 Buffer Overflow Vulnerability

Description Firecracker is prone to a buffer-overflow vulnerability. An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Technologies Affected Firecracker Firecracker 0.18.0 Firecracker Firecracker 0.19.0 Recommendations Block external access...

1.4AI score0.03252EPSS
Exploits0References3Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•28 views

Intel Control Center-I CVE-2019-14599 Local Privilege Escalation Vulnerability

Description Intel Control Center-I is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Intel Control Center-I versions 2.1.0.0 and prior are vulnerable. Technologies Affected Intel Control Center-I 2.1.0.0 Recommendations...

2.8AI score0.00337EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•28 views

Microsoft Windows OLE CVE-2019-1484 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

0.9AI score0.08859EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2019/12/03 12:0 a.m.•28 views

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities

Description Mozilla Firefox and Firefox ESR are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions and bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks...

0.6AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/11/19 12:0 a.m.•28 views

Lenovo ThinkPad USB-C Dock CVE-2019-6176 Unspecified Denial of Service Vulnerability

Description Lenovo ThinkPad USB-C Dock is prone to a unspecified denial-of-service vulnerability. Successful exploits may allow an attacker to cause denial-of-service conditions. Lenovo ThinkPad USB-C Dock version 3.7.2 is vulnerable; other versions may also be affected. Technologies Affected...

1.4AI score0.01044EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/14 8:0 a.m.•28 views

Symantec Endpoint Protection Multiple Issues

SUMMARY Symantec has released updates to address issues that were discovered in the Symantec Endpoint Protection SEP, Symantec Endpoint Protection Manager SEPM, Symantec Endpoint Protection Small Business Edition SEP SBE and Symantec Mail Security for MS Exchange SMSMSE products. AFFECTED PRODUCT...

7.2CVSS0.7AI score0.0066EPSS
Exploits1Affected Software4
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•28 views

Microsoft Edge Chakra Scripting Engine CVE-2019-1427 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

1AI score0.09374EPSS
Exploits0
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•28 views

Microsoft Office Online CVE-2019-1445 Spoofing Vulnerability

Description Microsoft Office Online is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Office...

0.3AI score0.00751EPSS
Exploits0
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•28 views

Microsoft Windows CVE-2019-1391 Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...

1.3AI score0.01234EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•28 views

SAP Business Objects Business Intelligence Platform CVE-2019-0382 Cross Site Scripting Vulnerability

Description SAP Business Objects Business Intelligence Platform is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

0.4AI score0.00526EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•28 views

Adobe Illustrator CVE-2019-7962 DLL Loading Privilege Escalation Vulnerability

Description Adobe Illustrator is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Adobe Illustrator CC version 23.1 and prior are vulnerable. Technologies Affected Adobe Illustrator CC 19 Adobe Illustrator CC 21 Adobe Illustrator CC 22...

1.9AI score0.00779EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•28 views

Microsoft Windows Hyper-V CVE-2019-1389 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10...

1.3AI score0.04029EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•28 views

Microsoft Windows Win32k CVE-2019-1395 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

2AI score0.01131EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2019/11/07 12:0 a.m.•28 views

FriBidi CVE-2019-18397 Stack Buffer Overflow Vulnerability

...

4.2AI score0.02182EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/11/04 12:0 a.m.•28 views

Google Android Library CVE-2019-2201 Remote Code Execution Vulnerability

Description Google Android is prone to a remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. This issue is being tracked by Android bug ID A-120551338. Technologies Affected Google Android 10.0 Google Androi...

1.2AI score0.02461EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/23 12:0 a.m.•28 views

Multiple IBM Products CVE-2019-4400 Directory Traversal Vulnerability

Description Multiple IBM Products are prone to a directory-traversal vulnerability. An attacker can exploit this issue using directory-traversal characters '../' to read arbitrary files that contain sensitive information or to access files outside of the restricted directory to obtain sensitive...

0.9AI score0.01359EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/10/23 12:0 a.m.•28 views

Multiple IBM Products CVE-2019-4461 HTTP Response Splitting Vulnerability

Description Multiple IBM Products are prone to an HTTP response-splitting vulnerability. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into having a false sense of...

3.5CVSS0.1AI score0.00561EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/10/23 12:0 a.m.•28 views

IBM Cloud Orchestrator CVE-2019-4397 Information Disclosure Vulnerability

Description IBM Cloud Orchestrator is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The following versions are affected: IBM Cloud Orchestrator 2.5, 2.5.0.1, 2.5.0.2, 2.5.0.3, 2.5.0.4...

0.5AI score0.00957EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/10/17 12:0 a.m.•28 views

Multiple IBM Products CVE-2019-4546 Unauthorized Access Vulnerability

Description Multiple IBM Products are prone to an unauthorized-access vulnerability Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. Technologies Affected IBM Maximo Asset Management IBM Maximo Health Safety and...

6.5CVSS7.2AI score0.0066EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•28 views

Multiple Cisco Products CVE-2019-15264 Denial of Service Vulnerability

Description Multiple Cisco Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCvo40697. Technologies Affected Cisco Aironet 1540 Series Access Points Cisco Aironet 1560...

2.1AI score0.00457EPSS
Exploits0References1Affected Software3
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•28 views

Oracle Enterprise Manager CVE-2019-2895 Remote Security Vulnerability

Description Oracle Enterprise Manager is prone to a remote security vulnerability in Enterprise Manager for Exadata. The vulnerability can be exploited over the 'HTTP' protocol. The 'Exadata Plug-In Deploy and Ins' component is affected. This vulnerability affects the following supported versions...

1AI score0.01215EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•28 views

Adobe Experience Manager CVE-2019-8234 Cross Site Request Forgery Vulnerability

Description Adobe Experience Manager is prone to a cross-site request forgery vulnerability because it fails to properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks. Technologies Affected Adobe...

0.2AI score0.02147EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•28 views

Adobe Acrobat and Reader CVE-2019-8166 Arbitrary Code Execution Vulnerability

Description Adobe Acrobat and Reader are prone to an arbitrary code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of current user running the affected application. Failed exploits will result in denial-of-service conditions...

9.4AI score0.04101EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•28 views

TYPO3 URL redirect Extension CVE-2019-16682 SQL Injection Vulnerability

Description URL redirect extension for TYPO3 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit late...

7.5CVSS0.7AI score0.00818EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•28 views

Oracle E-Business Suite CVE-2019-3022 Remote Security Vulnerability

Description Oracle E-Business Suite is prone to a remote security vulnerability in Oracle Content Manager. The vulnerability can be exploited over the 'HTTP' protocol. The 'Content' component is affected. This vulnerability affects the following supported versions: 12.1.1 through 12.1.3 and 12.2....

1AI score0.01138EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•28 views

Oracle Business Intelligence Enterprise Edition CVE-2019-3012 Remote Security Vulnerability

Description Oracle Business Intelligence Enterprise Edition is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'BI Platform Security' component is affected. This vulnerability affects the following supported versions: 11.1.1.9.0,...

1.2AI score0.01712EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/09 12:0 a.m.•28 views

PHP 'Closure::bindTo' Memory Corruption Vulnerability

Description PHP is prone to a a memory-corruption vulnerability. Successful exploits may allow the attacker to cause denial-of-service condition. Versions prior to PHP 7.4.0 are vulnerable. Technologies Affected PHP PHP 7.3.0 PHP PHP 7.3.1 PHP PHP 7.3.10 PHP PHP 7.3.11 PHP PHP 7.3.2 PHP PHP 7.3.3...

1.3AI score
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/10/08 12:0 a.m.•28 views

TIBCO MDM CVE-2019-11212 Multiple Unspecified Cross-Site Scripting Vulnerabilities

Description TIBCO MDM is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

0.00684EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/02 12:0 a.m.•28 views

Cisco Unified Communications Manager CVE-2019-12716 Cross Site Scripting Vulnerability

Description Cisco Unified Communications Manager is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

0.8AI score0.01057EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/01 12:0 a.m.•28 views

Palo Alto Networks Zingbox Inspector CVE-2019-15017 Security Vulnerability

Description Palo Alto Networks Zingbox Inspector is prone to a security vulnerability. An attacker can exploit this issue to gain unauthorized access to the vulnerable system and perform unauthorized actions. Versions prior to Zingbox Inspector 1.295 are vulnerable. Technologies Affected...

0.5AI score0.00356EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/09/10 12:0 a.m.•28 views

Microsoft Windows ALPC CVE-2019-1269 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code in the security context of the local system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...

2.5AI score0.00939EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2019/09/10 12:0 a.m.•28 views

Microsoft Windows JET Database Engine CVE-2019-1241 Remote Code Execution Vulnerability

Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...

0.7AI score0.17239EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2019/09/10 12:0 a.m.•28 views

Microsoft Windows SMB Client Driver CVE-2019-1293 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

1.1AI score0.02063EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2019/09/10 12:0 a.m.•28 views

Microsoft Windows Kernel CVE-2019-1274 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

1.3AI score0.01338EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2019/09/10 12:0 a.m.•28 views

Microsoft Windows DirectWrite CVE-2019-1251 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. An attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 18...

6.6AI score0.01699EPSS
Exploits0Affected Software2
Total number of security vulnerabilities5000