Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
SymantecRecent
RecentMost viewed

6867 matches found

Symantec
Symantec•added 2020/01/14 12:0 a.m.•24 views

Oracle WebLogic Server Multiple Remote Security Vulnerabilities

Description Oracle WebLogic Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over 'HTTP' protocol. The 'WLS Core Components' is affected. These vulnerabilities affect the following supported versions: 10.3.6.0.0 Technologies Affected Oracle...

0.8AI score
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/14 12:0 a.m.•18 views

Oracle WebLogic Server Multiple Remote Security Vulnerabilities

Description Oracle WebLogic Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over multiple protocols. The 'WLS Core Components' and 'Console' components are affected. These vulnerabilities affect the following supported versions: 10.3.6.0.0,...

0.8AI score
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/14 12:0 a.m.•44 views

SAP NetWeaver Process Integration CVE-2020-6305 Cross Site Scripting Vulnerability

Description SAP NetWeaver Process Integration is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

1.2AI score0.00654EPSS
Exploits0References2Affected Software1
Symantec
Symantec•added 2020/01/14 12:0 a.m.•846 views

Microsoft .NET Framework CVE-2020-0646 Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

0.2AI score0.99193EPSS
Exploits5
Symantec
Symantec•added 2020/01/14 12:0 a.m.•95 views

Microsoft .NET Framework CVE-2020-0606 Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

0.1AI score0.17263EPSS
Exploits0
Symantec
Symantec•added 2020/01/14 12:0 a.m.•121 views

Microsoft .NET Core CVE-2020-0605 Remote Code Execution Vulnerability

Description Microsoft .NET Core is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

0.1AI score0.17906EPSS
Exploits0
Symantec
Symantec•added 2020/01/14 12:0 a.m.•133 views

Oracle Java SE/Java SE Embedded CVE-2020-2659 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231; Java SE...

6.6AI score0.04221EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/13 12:0 a.m.•30 views

Symantec Endpoint Detection and Response CVE-2019-19547 Cross Site Scripting Vulnerability

Description Symantec Endpoint Detection and Response is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affect...

0.3AI score0.01379EPSS
Exploits1References1Affected Software1
Symantec
Symantec•added 2020/01/13 12:0 a.m.•43 views

Fortinet FortiSIEM CVE-2019-16153 Hardcoded Credentials Vulnerability

Description Fortinet FortiSIEM is prone to a hard-coded credentials vulnerability. An attacker can exploit this issue to gain unauthorized access to the vulnerable device and perform unauthorized actions. Versions prior to Fortinet FortiSIEM 5.2.6 are vulnerable. Technologies Affected Fortinet...

0.3AI score0.0115EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/11 12:0 a.m.•42 views

oVirt Engine CVE-2019-19336 Cross Site Scripting Vulnerability

Description oVirt Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the...

6.8AI score0.00941EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/10 12:0 a.m.•87 views

Oracle January 2020 Critical Patch Update Multiple Vulnerabilities

Description Oracle has released advance notification regarding the January 2020 Critical Patch Update CPU to be released on January 14, 2020. The update addresses 333 vulnerabilities affecting the following software: Oracle Database Server, versions 12.2.0.1, 18c, 19c Oracle Communications Design...

1.2AI score
Exploits0References1Affected Software88
Symantec
Symantec•added 2020/01/09 12:0 a.m.•42 views

Citrix SD-WAN CVE-2020-6175 Information Disclosure Vulnerability

Description Citrix SD-WAN Appliance is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. The following products and versions are vulnerable: NetScaler SD-WAN 10.0.x and prior Citrix SD-WAN 10.1.x are...

1.5AI score0.0059EPSS
Exploits0References1Affected Software2
Symantec
Symantec•added 2020/01/08 12:0 a.m.•52 views

cURL CVE-2019-15601 Remote Security Bypass Vulnerability

Description cURL is prone to a remote security-bypass vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. cURL versions prior to 7.68.0 are vulnerable. Technologies Affected Haxx Curl 7.34.0 Haxx Cur...

8.6AI score
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•23 views

Cisco Data Center Analytics Framework CVE-2019-16015 Cross Site Scripting Vulnerability

Description Cisco Data Center Analytics Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

0.1AI score0.00801EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•32 views

Juniper Junos CVE-2020-1600 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause the device to consume excessive CPU resources, denying service to legitimate users. Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper Junos 12.3X48-D15...

0.5AI score0.01196EPSS
Exploits0References2Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•179 views

Mozilla Firefox and Firefox ESR CVE-2019-17026 Type Confusion Remote Code Execution Vulnerability

Description Mozilla Firefox and Firefox ESR are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the application. Technologies Affected Mozilla Firefox 0.1 Mozilla Firefox 0.10.0 Mozilla Firefox 0.10.1 Mozilla Firefox 0...

0.6AI score0.46589EPSS
Exploits7References1Affected Software3
Symantec
Symantec•added 2020/01/08 12:0 a.m.•27 views

Cisco Crosswork Change Automation CVE-2019-16024 Cross Site Scripting Vulnerability

Description Cisco Crosswork Change Automation is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

0.2AI score0.00801EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•22 views

Juniper Junos CVE-2020-1601 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 15.1F Juniper Junos 15.1F1 Juniper Junos 15.1F2 Juniper Junos 15.1F2-S14 Juniper Junos 15.1F2-S16 Juniper Junos...

0.4AI score0.01075EPSS
Exploits0References2Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•25 views

Cisco Identity Services Engine CVE-2019-15255 Authorization Bypass Vulnerability

Description Cisco Identity Services Engine is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. This issue being tracked by Cisco Bug ID CSCvq67348...

1.4AI score0.0111EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•22 views

Juniper Junos J-Web CVE-2020-1607 Cross Site Scripting Vulnerability

Description Juniper Junos is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...

0.00881EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•24 views

Apache Olingo CVE-2020-1925 Server Side Request Forgery Access Bypass Vulnerability

Description Apache Olingo is prone to an access-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Apache Olingo versions prior to 4.7.1 are vulnerable. Technologies Affected Apache Oling...

0.9AI score0.0283EPSS
Exploits0References2Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•76 views

SQLite Multiple Security Vulnerabilities

Description SQLite is prone to the following security vulnerabilities. 1. Multiple denial-of-service vulnerabilities 2. Multiple security vulnerabilities An attacker can exploit these issues to cause denial-of-service conditions. SQLite version 3.30.1 is vulnerable. Technologies Affected Redhat...

0.6AI score
Exploits0References4Affected Software2
Symantec
Symantec•added 2020/01/08 12:0 a.m.•34 views

Juniper Junos CVE-2020-1603 Memory Leak Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 16.1 Juniper Junos 16.1R1 Juniper Junos 16.1R2 Juniper Junos 16.1R3 Juniper Junos 16.1R3-S10 Juniper Junos 16.1R3-...

0.4AI score0.01405EPSS
Exploits0References2Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•28 views

Cisco Emergency Responder CVE-2019-16025 HTML Injection Vulnerability

Description Cisco Emergency Responder is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to...

5.4AI score0.00622EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•77 views

Cisco IOS and IOS XE Software CVE-2019-16009 Cross Site Request Forgery Vulnerability

Description Cisco IOS and IOS XE Software are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. This issue is being tracked by...

1.1AI score0.00975EPSS
Exploits0References1Affected Software2
Symantec
Symantec•added 2020/01/08 12:0 a.m.•50 views

Cisco Finesse CVE-2019-15278 Cross Site Scripting Vulnerability

Description Cisco Finesse is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials...

6.7AI score0.00897EPSS
Exploits0References1Affected Software2
Symantec
Symantec•added 2020/01/08 12:0 a.m.•32 views

Juniper Junos CVE-2020-1604 Security Bypass Vulnerability

Description Juniper Junos is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. The following products are affected: Juniper Junos 14.1X53 versions prior to...

0.7AI score0.00849EPSS
Exploits0References2Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•44 views

Juniper Junos CVE-2020-1608 Multiple Denial of Service Vulnerabilities

Description Juniper Junos is prone to multiple denial-of-service vulnerabilities. An attacker may exploit these issues to cause denial-of-service conditions. Technologies Affected Juniper Junos 17.2R2-S6 Juniper Junos 17.2R2-S7 Juniper Junos 17.2R2-S8 Juniper Junos 17.2R3 Juniper Junos 17.2R3-S1...

0.3AI score0.01332EPSS
Exploits0References2Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•27 views

Cisco UCS Director CVE-2019-16003 Information Disclosure Vulnerability

Description Cisco UCS Director is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco bug ID CSCvr00602. Technologies Affected Cisco UCS Director 4.0.0.0 Cisco UC...

0.6AI score0.01221EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•12 views

Cisco IP Phone 6800/7800/8800 Series with Multiplatform Firmware Cross Site Scripting Vulnerability

Description Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware are prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspectin...

0.7AI score
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•26 views

Cisco Webex Video Mesh Software CVE-2019-16005 Remote Command Injection Vulnerability

Description Cisco Webex Video Mesh Software is prone to a remote command injection vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary commands with root privileges in the context of the affected device. This issue is being tracked by Cisco Bug ID...

1.6AI score0.03507EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•29 views

Cisco Vision Dynamic Signage Director CVE-2019-16004 Authentication Bypass Vulnerability

Description Cisco Vision Dynamic Signage Director is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions with administrative privileges. This may lead to further attacks. This issue is being tracke...

1.9AI score0.01027EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•29 views

Cisco Webex Centers CVE-2020-3116 Denial of Service Vulnerability

Description Cisco Webex Centers is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug IDs CSCvr16379, CSCvr16383 and CSCvr16386. Technologies Affected Cisco WebEx Event Center Cisco WebEx...

1.9AI score0.00664EPSS
Exploits0References1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•10 views

Juniper Junos and Junos Evolved JSA10981 Multiple Security Vulnerabilities

Description Juniper Junos and Junos Evolved are prone to multiple security vulnerabilities. Successfully exploiting these issues may allow an attacker to perform unauthorized actions or execute arbitrary commands with root privileges on the affected device. Technologies Affected Juniper Junos 15....

0.4AI score
Exploits0References2Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•625 views

Cisco AnyConnect Secure Mobility Client CVE-2019-16007 Remote Security Bypass Vulnerability

Description Cisco AnyConnect Secure Mobility Client is prone to a remote security-bypass vulnerability. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvr67149...

0.9AI score0.0036EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/08 12:0 a.m.•34 views

Cisco Unified Customer Voice Portal CVE-2019-16017 Denial of Service Vulnerability

Description Cisco Unified Customer Voice Portal is prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCvp72741. Technologies Affected Cisco Unified...

1.2AI score0.00934EPSS
Exploits0References1
Symantec
Symantec•added 2020/01/07 12:0 a.m.•21 views

Mozilla Firefox MFSA2020-01 Multiple Security Vulnerabilities

Description Mozilla Firefox is prone to the following security vulnerabilities: 1. Multiple security-bypass vulnerabilities 2. Multiple security vulnerabilities Attackers can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may aid in further...

7.3AI score
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/07 12:0 a.m.•96 views

Mozilla Firefox and Firefox ESR CVE-2019-17024 Remote Security Vulnerability

Description Mozilla Firefox and Firefox ESR are prone to a remote security vulnerability. Attackers can exploit this issue to execute arbitrary code or cause denial-of-service conditions. This may aid in further attacks. This issue is fixed in: Firefox 72 Firefox ESR 68.4 Technologies Affected...

0.6AI score0.02455EPSS
Exploits1References1Affected Software3
Symantec
Symantec•added 2020/01/07 12:0 a.m.•260 views

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities

Description Mozilla Firefox and Firefox ESR are prone to multiple security vulnerabilities. Attackers can exploit these issues to cause denial-of-service conditions, obtain sensitive information and bypass certain security restrictions and perform unauthorized actions. This may aid in further...

0.7AI score
Exploits0References1Affected Software3
Symantec
Symantec•added 2020/01/07 12:0 a.m.•38 views

Mozilla Firefox and Firefox ESR CVE-2019-17015 Memory Corruption Vulnerability

Description Mozilla Firefox and Firefox ESR are prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. This issue is fixed in:...

0.6AI score0.01814EPSS
Exploits0References2Affected Software2
Symantec
Symantec•added 2020/01/06 2:17 p.m.•27 views

Symantec Endpoint Detection and Response XSS

SUMMARY Symantec has released an update to address an issue that was discovered in the Symantec Endpoint Detection and Response SEDR product. AFFECTED PRODUCTS Symantec Endpoint Detection and Response SEDR --- CVE | Affected Versions | Remediation CVE-2019-19547​ | Prior to 4.3.0 | Upgrade to 4.3...

4.3CVSS1.7AI score0.01379EPSS
Exploits1Affected Software1
Symantec
Symantec•added 2020/01/06 12:0 a.m.•38 views

Google Android Media Framework CVE-2020-0002 Multiple Remote Code Execution Vulnerabilities

Description Google Android is prone to multiple remote code-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of a privileged process. Failed attacks may cause a denial-of-service condition. These issues are being tracked by Android Bug ID...

1AI score0.01387EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/06 12:0 a.m.•33 views

Fortinet FortiAuthenticator CVE-2019-16154 Cross Site Scripting Vulnerability

Description Fortinet FortiAuthenticator is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

1AI score0.00698EPSS
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/06 12:0 a.m.•75 views

Google Android Kernel Component CVE-2020-0009 Local Privilege Escalation Vulnerability

Description Google Android is prone to a local privilege escalation vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of a privileged process. This issue is being tracked by Android Bug ID A-142938932. Technologies Affected Google Android Recommendations...

1.1AI score0.00687EPSS
Exploits4References2
Symantec
Symantec•added 2020/01/06 12:0 a.m.•17 views

Qualcomm Closed Source Components Multiple Security Vulnerabilities

Description Qualcomm Closed-Source Components are prone to the following security vulnerabilities: 1. Multiple buffer-overflow vulnerabilities 2. Multiple security vulnerabilities 3. Multiple integer-overflow vulnerabilities 4. An unauthorized-access vulnerability 5. An heap-based buffer...

0.6AI score
Exploits0References2Affected Software1
Symantec
Symantec•added 2020/01/06 12:0 a.m.•13 views

Google Android Framework Component Multiple Security Vulnerabilities

Description Google Android is prone to the following security vulnerabilities: 1. Multiple privilege-escalation vulnerabilities 2. A denial-of-service vulnerability An attacker can exploit these issues to gain elevated privileges, and cause denial-of-service conditions. These issues are being...

1.4AI score
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/06 12:0 a.m.•14 views

Google Android System Component Multiple Information Disclosure Vulnerabilities

Description Google Android is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to obtain sensitive information that may aid in launching further attacks. These issues are being tracked by Android Bug IDs A-139738828, A-141890807 and A-142558228...

1.1AI score
Exploits0References1Affected Software1
Symantec
Symantec•added 2020/01/05 12:0 a.m.•143 views

phpMyAdmin CVE-2020-5504 SQL Injection Vulnerability

...

2.2AI score0.38778EPSS
Exploits4Affected Software1
Symantec
Symantec•added 2020/01/03 12:0 a.m.•23 views

Google Chrome Prior to 73.0.3683.75 Multiple Security Vulnerabilities

Description Google Chrome is prone to multiple security vulnerabilities. Attackers can exploit these issues to cause denial-of-service conditions. Versions prior to Chrome 73.0.3683.75 are vulnerable. Technologies Affected Google Chrome 0.1.38.1 Google Chrome 0.1.38.2 Google Chrome 0.1.38.4 Googl...

1.4AI score
Exploits0References1Affected Software2
Symantec
Symantec•added 2020/01/02 12:0 a.m.•40 views

Cisco Data Center Network Manager CVE-2019-15999 Unauthorized Access Vulnerability

Description Cisco Data Center Network Manager is prone to an unauthorized-access vulnerability. Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvs00139. Technologies...

1.6AI score0.03647EPSS
Exploits4References1Affected Software1
Total number of security vulnerabilities6867