Lucene search
K
SymantecRecent

6867 matches found

Symantec
Symantec
•added 2018/11/13 12:0 a.m.•393 views

Microsoft Dynamics 365 CVE-2018-8607 Cross Site Scripting Vulnerability

Description Microsoft Dynamics 365 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

6.2AI score0.01413EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•391 views

Microsoft Outlook CVE-2018-8558 Information Disclosure Vulnerability

Description Microsoft Outlook is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft...

6.6AI score0.05585EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•395 views

Microsoft SharePoint Server CVE-2018-8578 Information Disclosure Vulnerability

Description Microsoft SharePoint Server is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SharePoint Foundation 2013 SP1 Recommendations Run all software as a...

5AI score0.04836EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•389 views

Microsoft Outlook CVE-2018-8524 Remote Code Execution Vulnerability

Description Microsoft Outlook is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Office 2019...

0.4AI score0.19059EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•379 views

Microsoft ChakraCore Scripting Engine CVE-2018-8556 Remote Memory Corruption Vulnerability

Description Microsoft ChakraCore is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore...

0.6AI score0.14159EPSS
Exploits0References1
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•438 views

Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8589 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1...

2.5AI score0.03023EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•381 views

Microsoft Outlook CVE-2018-8576 Remote Code Execution Vulnerability

Description Microsoft Outlook is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Office 2019...

0.4AI score0.19059EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•391 views

Microsoft Team Foundation Server CVE-2018-8602 Cross Site Scripting Vulnerability

Description Microsoft Team Foundation Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

6.3AI score0.01503EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•379 views

Microsoft Active Directory Federation Services CVE-2018-8547 Cross-Site Scripting Vulnerability

Description Microsoft Active Directory Federation Services is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

0.5AI score0.01605EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•388 views

Microsoft Excel CVE-2018-8574 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

0.8AI score0.19059EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•377 views

Microsoft ChakraCore Scripting Engine CVE-2018-8541 Remote Memory Corruption Vulnerability

Description Microsoft ChakraCore is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore...

0.6AI score0.14227EPSS
Exploits0References1
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•392 views

Microsoft Internet Explorer CVE-2018-8570 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 11 is are vulnerable...

0.2AI score0.14159EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•423 views

Microsoft Powershell CVE-2018-8415 Tampering Security Bypass Vulnerability

Description Microsoft Powershell is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft PowerShell Core 6.0.0 Microsoft PowerShell Core 6.1.0 Microsoft Windows 10...

1.9AI score0.01185EPSS
Exploits0Affected Software4
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•403 views

Microsoft Team Foundation Server CVE-2018-8529 Remote Code Execution Vulnerability

Description Microsoft Team Foundation Server is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. Technologies Affected Microso...

0.5AI score0.13455EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•371 views

Microsoft Edge CVE-2018-8567 Remote Privilege Escalation Vulnerability

Description Microsoft Edge is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Edge Recommendations Block external access at the network boundary, unless external parties require service. Filter...

5.9AI score0.03141EPSS
Exploits0
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•380 views

Microsoft Windows VBScript Engine CVE-2018-8544 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version...

0.8AI score0.47556EPSS
Exploits3Affected Software3
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•379 views

Microsoft Azure App Service CVE-2018-8600 Cross Site Scripting Vulnerability

Description Microsoft Azure App Service is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

6.8AI score0.01983EPSS
Exploits0
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•405 views

Microsoft Dynamics 365 CVE-2018-8609 Remote Code Execution Vulnerability

Description Microsoft Dynamics 365 is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the SQL service account. Failed exploit attempts will result in denial-of-service conditions. Technologies Affected Microsoft Dynamics...

0.6AI score0.08719EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•388 views

Microsoft Windows JScript Security Feature CVE-2018-8417 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...

2AI score0.02002EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•377 views

Microsoft ChakraCore Scripting Engine CVE-2018-8557 Remote Memory Corruption Vulnerability

Description Microsoft ChakraCore is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore...

0.6AI score0.14159EPSS
Exploits0References1
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•400 views

Microsoft Windows COM CVE-2018-8550 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

2.5AI score0.03295EPSS
Exploits4Affected Software3
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•392 views

Microsoft Windows DirectX CVE-2018-8485 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...

2.4AI score0.01193EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•379 views

Microsoft Windows Security Feature CVE-2018-8549 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...

1AI score0.01184EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•387 views

Microsoft Windows ALPC CVE-2018-8584 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code in the security context of the local system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...

2.8AI score0.02696EPSS
Exploits2Affected Software2
Symantec
Symantec
•added 2018/11/13 12:0 a.m.•410 views

Microsoft Windows DirectX CVE-2018-8561 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...

2.4AI score0.01193EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2018/11/07 8:1 a.m.•104 views

Apache HTTP Server Vulnerabilities Jul 2017 - Sep 2018

SUMMARY Symantec Network Protection products using affected versions of Apache httpd are susceptible to multiple security vulnerabilities. A remote attacker can obtain sensitive information, bypass intended security restrictions, modify session information in CGI applications, replay authenticate...

6.8CVSS2AI score0.94999EPSS
Exploits9Affected Software4
Symantec
Symantec
•added 2018/10/30 12:0 a.m.•74 views

OpenSSL CVE-2018-0734 Side Channel Attack Information Disclosure Vulnerability

Description OpenSSL is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. Technologies Affected Bluecoat BCAAA 6.1 IBM AIX 5.3 IBM AIX 6.1 IBM AIX 7.1 IBM Aix 7.2 IBM DataPower Gateway...

4.3CVSS1.1AI score0.12154EPSS
Exploits0References5Affected Software24
Symantec
Symantec
•added 2018/10/24 12:0 a.m.•19 views

FasterXML Jackson-databind Polymorphic Deserialization Multiple Security Vulnerability

Description FasterXML Jackson-databind is prone to multiple security vulnerabilities. Successfully exploiting these issues may allow an attacker to execute arbitrary code, bypass certain security restrictions, perform unauthorized actions or obtain potentially sensitive information. Failed exploi...

0.4AI score
Exploits0References2Affected Software15
Symantec
Symantec
•added 2018/10/23 12:0 a.m.•36 views

GitLab CVE-2018-19495 Server Side Request Forgery Security Bypass Vulnerability

Description GitLab is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. GitLab versions prior to 11.3.11, 11.4.x prior to 11.4.8 and 11.5.x prior to 11.5.1 are vulnerable...

4CVSS0.4AI score0.00984EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2018/10/17 12:0 a.m.•105 views

Ruby OpenSSL CVE-2018-16395 Certificate Validation Security Bypass Vulnerability

Description Ruby OpenSSL is prone to a security-bypass vulnerability. An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Technologies Affected Oracle Communications Interactive Session Recorder 6.0 Oracle...

7.5CVSS0.2AI score0.10715EPSS
Exploits0References1Affected Software17
Symantec
Symantec
•added 2018/10/16 8:1 a.m.•54 views

Reflected XSS Vulnerability in Web Isolation

SUMMARY Symantec Web Isolation WI is susceptible to a reflected cross-site scripting XSS vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript cod...

4.3CVSS0.2AI score0.00999EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2018/10/16 12:0 a.m.•50 views

Spring Framework CVE-2018-15756 Denial-Of-Service Vulnerability

...

5CVSS2.1AI score0.09513EPSS
Exploits0Affected Software20
Symantec
Symantec
•added 2018/10/16 12:0 a.m.•26 views

Oracle Enterprise Manager Ops Center CVE-2016-4000 Remote Security Vulnerability

Description Oracle Enterprise Manager Ops Center is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Networking Jython' component is affected. This vulnerability affects the following supported versions: 12.2.2, 12.3.3 Technologies Affect...

7.5CVSS1.1AI score0.0657EPSS
Exploits0References1Affected Software5
Symantec
Symantec
•added 2018/10/11 8:1 a.m.•70 views

Apache Tomcat Vulnerabilities Jan-Aug 2018

SUMMARY Symantec Network Protection products using affected versions of Apache Tomcat are susceptible to multiple security vulnerabilities. A remote attacker, with access to the management interface, can gain unauthorized access to a web application resource or cause denial of service in the Tomc...

7.5CVSS0.1AI score0.21979EPSS
Exploits2Affected Software4
Symantec
Symantec
•added 2018/10/10 8:1 a.m.•51 views

OpenSSL Vulnerabilities 16-Apr-2018 and 12-Jun-2018

SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A malicious SSL/TLS server can send large DH parameters during connections using DH/DHE cipher suites and cause denial-of-service in the SSL/TLS client. A local attacker can...

5CVSS1.2AI score0.49268EPSS
Exploits0Affected Software22
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•160 views

Microsoft Windows Graphics Component CVE-2018-8432 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Excel Viewer...

0.4AI score0.19629EPSS
Exploits0Affected Software5
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•147 views

Microsoft Edge Chakra Scripting Engine CVE-2018-8503 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

0.6AI score0.14607EPSS
Exploits0References1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•16 views

Intel Graphics Driver Remote Code Execution And Denial of Service Vulnerabilities

Description Intel Graphics Driver is prone to a remote code-execution vulnerability and a denial-of-service vulnerability. Successfully exploiting these issues may allow an attacker to execute arbitrary code in the context of affected application or cause denial-of-service conditions. Intel...

2.2AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•146 views

Microsoft SQL Server Management Studio CVE-2018-8532 Information Disclosure Vulnerability

Description Microsoft SQL Server Management Studio is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server Management Studio 17.9 Microsoft SQL Server...

5.4AI score0.23373EPSS
Exploits5Affected Software1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•145 views

Microsoft SQL Server Management Studio CVE-2018-8527 Information Disclosure Vulnerability

Description Microsoft SQL Server Management Studio is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server Management Studio 17.9 Microsoft SQL Server...

5.4AI score0.23373EPSS
Exploits5Affected Software1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•150 views

Microsoft SharePoint Server CVE-2018-8480 Remote Privilege Escalation Vulnerability

Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...

0.3AI score0.02266EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•148 views

Microsoft ChakraCore Scripting Engine CVE-2018-8473 Remote Memory Corruption Vulnerability

Description Microsoft ChakraCore Scripting Engine is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsof...

0.3AI score0.14607EPSS
Exploits0References1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•146 views

Microsoft Edge CVE-2018-8509 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Edge Recommendations...

0.5AI score0.13131EPSS
Exploits0
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•150 views

Microsoft Edge Chakra Scripting Engine CVE-2018-8511 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

0.6AI score0.14607EPSS
Exploits0References1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•163 views

Microsoft Windows Theme API CVE-2018-8413 Remote Code Execution Vulnerability

Description Microsoft Windows Theme API is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected Microsoft Window...

0.8AI score0.46406EPSS
Exploits3Affected Software3
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•286 views

Microsoft Windows DirectX CVE-2018-8486 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...

0.3AI score0.01682EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•139 views

Microsoft SharePoint Server CVE-2018-8518 Remote Privilege Escalation Vulnerability

Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...

0.3AI score0.02715EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•147 views

Microsoft Windows Media Player CVE-2018-8482 Information Disclosure Vulnerability

Description Microsoft Windows Media Player is prone to a information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 1...

6AI score0.05141EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•199 views

Microsoft Windows Codecs Library CVE-2018-8506 Information Disclosure Vulnerability

Description Microsoft Windows Codecs Library is prone to a information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows...

0.3AI score0.0436EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2018/10/09 12:0 a.m.•147 views

Microsoft Edge CVE-2018-8530 Security Bypass Vulnerability

Description Microsoft Edge is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Technologies Affected Microsoft Edge Recommendations Run all...

5.7AI score0.05498EPSS
Exploits0
Total number of security vulnerabilities6867