Oracle WebLogic Server CVE-2020-6950 Remote Security Vulnerability
Description Oracle WebLogic Server is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Web Container JavaServer Faces' component is affected. This vulnerability affects the following supported versions: 12.2.1.3.0, 12.2.1.4.0 Technologies...
Microsoft Windows GDI+ Component CVE-2020-0643 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Adobe Illustrator APSB20-03 Multiple Memory Corruption Vulnerabilities
Description Adobe Illustrator is prone to multiple memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Adobe...
Oracle WebLogic Server Multiple Remote Security Vulnerabilities
Description Oracle WebLogic Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over multiple protocols. The 'WLS Core Components' and 'Console' components are affected. These vulnerabilities affect the following supported versions: 10.3.6.0.0,...
Oracle MySQL Server cpujan2020 Multiple Security Vulnerabilities
Description Oracle MySQL Server is prone to multiple security vulnerabilities. These vulnerabilities can be exploited over the 'MySQL Protocol' protocol. The 'C API' and 'Server: Optimizer' components are affected. These vulnerabilities affect the following supported versions: 5.6.46 and prior, 5.7....
Oracle Primavera P6 Enterprise Project Portfolio Management Remote Security Vulnerability
Description Oracle Primavera P6 Enterprise Project Portfolio Management is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Web Access' component is affected. This vulnerability affects the following supported versions: 15.1.0.0 through...
Oracle MySQL Server CVE-2020-2580 Remote Security Vulnerability
Description Oracle MySQL Server is prone to a remote security vulnerability in 'Server: DDL' component. The vulnerability can be exploited over the 'MySQL' protocol. This vulnerability affects the following supported versions: 8.0.17 and prior Technologies Affected Oracle MySQL Server 8.0.11 Orac...
Symantec Endpoint Detection and Response CVE-2019-19547 Cross Site Scripting Vulnerability
Description Symantec Endpoint Detection and Response is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affect...
Fortinet FortiSIEM CVE-2019-16153 Hardcoded Credentials Vulnerability
Description Fortinet FortiSIEM is prone to a hard-coded credentials vulnerability. An attacker can exploit this issue to gain unauthorized access to the vulnerable device and perform unauthorized actions. Versions prior to Fortinet FortiSIEM 5.2.6 are vulnerable. Technologies Affected Fortinet...
oVirt Engine CVE-2019-19336 Cross Site Scripting Vulnerability
Description oVirt Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the...
Oracle January 2020 Critical Patch Update Multiple Vulnerabilities
Description Oracle has released advance notification regarding the January 2020 Critical Patch Update (CPU) to be released on January 14, 2020. The update addresses 333 vulnerabilities affecting the following software: Oracle Database Server, versions 12.2.0.1, 18c, 19c Oracle Communications Design...
Citrix SD-WAN CVE-2020-6175 Information Disclosure Vulnerability
Description Citrix SD-WAN Appliance is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. The following products and versions are vulnerable: NetScaler SD-WAN 10.0.x and prior Citrix SD-WAN 10.1.x are...
Juniper Junos CVE-2020-1603 Memory Leak Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 16.1 Juniper Junos 16.1R1 Juniper Junos 16.1R2 Juniper Junos 16.1R3 Juniper Junos 16.1R3-S10 Juniper Junos 16.1R3-...
Cisco IOS and IOS XE Software CVE-2019-16009 Cross Site Request Forgery Vulnerability
Description Cisco IOS and IOS XE Software are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. This issue is being tracked by...
Cisco IP Phone 6800/7800/8800 Series with Multiplatform Firmware Cross Site Scripting Vulnerability
Description Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspectin...
Mozilla Firefox and Firefox ESR CVE-2019-17026 Type Confusion Remote Code Execution Vulnerability
Description Mozilla Firefox and Firefox ESR are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the application. Technologies Affected Mozilla Firefox 0.1 Mozilla Firefox 0.10.0 Mozilla Firefox 0.10.1 Mozilla Firefox 0...
Cisco Crosswork Change Automation CVE-2019-16024 Cross Site Scripting Vulnerability
Description Cisco Crosswork Change Automation is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...
SQLite Multiple Security Vulnerabilities
Description SQLite is prone to the following security vulnerabilities. 1. Multiple denial-of-service vulnerabilities 2. Multiple security vulnerabilities An attacker can exploit these issues to cause denial-of-service conditions. SQLite version 3.30.1 is vulnerable. Technologies Affected Redhat...
Juniper Junos CVE-2020-1608 Multiple Denial of Service Vulnerabilities
Description Juniper Junos is prone to multiple denial-of-service vulnerabilities. An attacker may exploit these issues to cause denial-of-service conditions. Technologies Affected Juniper Junos 17.2R2-S6 Juniper Junos 17.2R2-S7 Juniper Junos 17.2R2-S8 Juniper Junos 17.2R3 Juniper Junos 17.2R3-S1...
Cisco Emergency Responder CVE-2019-16025 HTML Injection Vulnerability
Description Cisco Emergency Responder is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to...
Cisco Webex Centers CVE-2020-3116 Denial of Service Vulnerability
Description Cisco Webex Centers is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug IDs CSCvr16379, CSCvr16383 and CSCvr16386. Technologies Affected Cisco WebEx Event Center Cisco WebEx...
Juniper Junos J-Web CVE-2020-1607 Cross Site Scripting Vulnerability
Description Juniper Junos is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...
Cisco Finesse CVE-2019-15278 Cross Site Scripting Vulnerability
Description Cisco Finesse is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials...
Cisco AnyConnect Secure Mobility Client CVE-2019-16007 Remote Security Bypass Vulnerability
Description Cisco AnyConnect Secure Mobility Client is prone to a remote security-bypass vulnerability. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvr67149...
Cisco Unified Customer Voice Portal CVE-2019-16017 Denial of Service Vulnerability
Description Cisco Unified Customer Voice Portal is prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCvp72741. Technologies Affected Cisco Unified...
Cisco Webex Video Mesh Software CVE-2019-16005 Remote Command Injection Vulnerability
Description Cisco Webex Video Mesh Software is prone to a remote command injection vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary commands with root privileges in the context of the affected device. This issue is being tracked by Cisco Bug ID...
Cisco Data Center Analytics Framework CVE-2019-16015 Cross Site Scripting Vulnerability
Description Cisco Data Center Analytics Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Juniper Junos CVE-2020-1604 Security Bypass Vulnerability
Description Juniper Junos is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. The following products are affected: Juniper Junos 14.1X53 versions prior to...
Juniper Junos CVE-2020-1601 Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Technologies Affected Juniper Junos 15.1F Juniper Junos 15.1F1 Juniper Junos 15.1F2 Juniper Junos 15.1F2-S14 Juniper Junos 15.1F2-S16 Juniper Junos...
Juniper Junos and Junos Evolved JSA10981 Multiple Security Vulnerabilities
Description Juniper Junos and Junos Evolved are prone to multiple security vulnerabilities. Successfully exploiting these issues may allow an attacker to perform unauthorized actions or execute arbitrary commands with root privileges on the affected device. Technologies Affected Juniper Junos 15....
Cisco UCS Director CVE-2019-16003 Information Disclosure Vulnerability
Description Cisco UCS Director is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco bug ID CSCvr00602. Technologies Affected Cisco UCS Director 4.0.0.0 Cisco UC...
Apache Olingo CVE-2020-1925 Server Side Request Forgery Access Bypass Vulnerability
Description Apache Olingo is prone to an access-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Apache Olingo versions prior to 4.7.1 are vulnerable. Technologies Affected Apache Oling...
cURL CVE-2019-15601 Remote Security Bypass Vulnerability
Description cURL is prone to a remote security-bypass vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. cURL versions prior to 7.68.0 are vulnerable. Technologies Affected Haxx Curl 7.34.0 Haxx Cur...
Cisco Identity Services Engine CVE-2019-15255 Authorization Bypass Vulnerability
Description Cisco Identity Services Engine is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. This issue is being tracked by Cisco Bug ID CSCvq67348...
Juniper Junos CVE-2020-1600 Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause the device to consume excessive CPU resources, denying service to legitimate users. Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper Junos 12.3X48-D15...
Cisco Vision Dynamic Signage Director CVE-2019-16004 Authentication Bypass Vulnerability
Description Cisco Vision Dynamic Signage Director is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions with administrative privileges. This may lead to further attacks. This issue is being tracke...
Mozilla Firefox and Firefox ESR CVE-2019-17024 Remote Security Vulnerability
Description Mozilla Firefox and Firefox ESR are prone to a remote security vulnerability. Attackers can exploit this issue to execute arbitrary code or cause denial-of-service conditions. This may aid in further attacks. This issue is fixed in: Firefox 72 Firefox ESR 68.4 Technologies Affected...
Mozilla Firefox MFSA2020-01 Multiple Security Vulnerabilities
Description Mozilla Firefox is prone to the following security vulnerabilities: 1. Multiple security-bypass vulnerabilities 2. Multiple security vulnerabilities Attackers can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may aid in further...
Mozilla Firefox and Firefox ESR CVE-2019-17015 Memory Corruption Vulnerability
Description Mozilla Firefox and Firefox ESR are prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. This issue is fixed in:...
Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
Description Mozilla Firefox and Firefox ESR are prone to multiple security vulnerabilities. Attackers can exploit these issues to cause denial-of-service conditions, obtain sensitive information and bypass certain security restrictions and perform unauthorized actions. This may aid in further...
Symantec Endpoint Detection and Response XSS
SUMMARY Symantec has released an update to address an issue that was discovered in the Symantec Endpoint Detection and Response (SEDR) product. AFFECTED PRODUCTS Symantec Endpoint Detection and Response (SEDR) --- CVE | Affected Versions | Remediation CVE-2019-19547 | Prior to 4.3.0 | Upgrade to 4.3...
Google Android Media Framework CVE-2020-0002 Multiple Remote Code Execution Vulnerabilities
Description Google Android is prone to multiple remote code-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of a privileged process. Failed attacks may cause a denial-of-service condition. These issues are being tracked by Android Bug ID...
Fortinet FortiAuthenticator CVE-2019-16154 Cross Site Scripting Vulnerability
Description Fortinet FortiAuthenticator is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
Google Android Kernel Component CVE-2020-0009 Local Privilege Escalation Vulnerability
Description Google Android is prone to a local privilege escalation vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of a privileged process. This issue is being tracked by Android Bug ID A-142938932. Technologies Affected Google Android Recommendations...
Qualcomm Closed Source Components Multiple Security Vulnerabilities
Description Qualcomm Closed-Source Components are prone to the following security vulnerabilities: 1. Multiple buffer-overflow vulnerabilities 2. Multiple security vulnerabilities 3. Multiple integer-overflow vulnerabilities 4. An unauthorized-access vulnerability 5. A heap-based buffer...
Google Android System Component Multiple Information Disclosure Vulnerabilities
Description Google Android is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to obtain sensitive information that may aid in launching further attacks. These issues are being tracked by Android Bug IDs A-139738828, A-141890807 and A-142558228...
Google Android Framework Component Multiple Security Vulnerabilities
Description Google Android is prone to the following security vulnerabilities: 1. Multiple privilege-escalation vulnerabilities 2. A denial-of-service vulnerability An attacker can exploit these issues to gain elevated privileges and cause denial-of-service conditions. These issues are being...
phpMyAdmin CVE-2020-5504 SQL Injection Vulnerability
...
Google Chrome Prior to 73.0.3683.75 Multiple Security Vulnerabilities
Description Google Chrome is prone to multiple security vulnerabilities. Attackers can exploit these issues to cause denial-of-service conditions. Versions prior to Chrome 73.0.3683.75 are vulnerable. Technologies Affected Google Chrome 0.1.38.1 Google Chrome 0.1.38.2 Google Chrome 0.1.38.4 Googl...
Cisco Data Center Network Manager Multiple Directory Traversal Vulnerabilities
Description Cisco Data Center Network Manager is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Remote attackers may use a specially crafted request with directory-traversal sequences '../' to retrieve arbitrary files from th...