Lucene search
K
BroadcomSymantec Data Center Security Server

7 matches found

CVE
CVE
added 2017/04/14 6:0 p.m.64 views

CVE-2016-5309

CVE-2016-5309 is a DoS in the RAR file parser of Symantec’s decomposer engines across multiple products (ATP/NS/SEPs/SPE/SMG family). The root cause is an out-of-bounds read during RAR decompression, allowing remote attackers to crash affected applications via specially crafted RAR files. A close...

5.5CVSS5.1AI score0.06877EPSS
CVE
CVE
added 2017/04/14 6:0 p.m.63 views

CVE-2016-5310

CVE-2016-5310 covers a denial-of-service memory-corruption issue in the RAR file parser/decompressor across Symantec products (ATP, various SEP variants, SPE, SMSG, SMSDOM, SPSS, SMSMSE, SEPC, SEPC, etc.). The root cause is mishandling of crafted RAR archives in the decompression path, leading to...

5.5CVSS5.1AI score0.05307EPSS
CVE
CVE
added 2016/06/08 2:0 p.m.62 views

CVE-2015-8800

CVE-2015-8800 affects Symantec SES:CSP/SDCS:SA and related components: SES:CSP 1.0.x before 1.0 MP5, SES:CSP for Controllers and Devices 6.5.0 before MP1, SCSP before 5.2.9 MP6, DCS:SA 6.x before 6.5 MP1 and 6.6 before MP1, and DCS:SA and Agents through 6.6 MP1. The issue allows remote authentica...

7.3CVSS7.6AI score0.01363EPSS
CVE
CVE
added 2016/06/08 2:0 p.m.59 views

CVE-2015-8798

CVE-2015-8798 describes a directory traversal vulnerability in the Management Server of Symantec’s SES:CSP/SDCS:SA family. Affected products include SES:CSP 1.0.x (before 1.0 MP5), SES:CSP for Controllers and Devices 6.5.0 (before MP1), SCSP 5.2.9 (before MP6), DCS:SA 6.x (before 6.5 MP1) and 6.6...

8CVSS8.2AI score0.02536EPSS
CVE
CVE
added 2016/06/08 2:0 p.m.56 views

CVE-2015-8799

CVE-2015-8799 is a directory-traversal vulnerability in the Management Server of Symantec SES:CSP/SCSP/DCS:SA products. It allows remote authenticated users to write update-package data to arbitrary agent locations via unspecified vectors, potentially enabling code execution on affected agents. A...

7.6CVSS7.7AI score0.05694EPSS
CVE
CVE
added 2024/01/25 11:32 p.m.53 views

CVE-2024-23617

The CVE-2024-23617 vulnerability affects Symantec Data Loss Prevention ≤ 14.0.2. A buffer overflow in the affected component allows a remote, unauthenticated attacker to achieve code execution by convincing a user to open a crafted document. Public impact details are provided in multiple sources ...

9.6CVSS8.7AI score0.01659EPSS
CVE
CVE
added 2016/06/08 2:0 p.m.52 views

CVE-2015-8157

CVE-2015-8157 is a SQL injection in the Management Server of Symantec SES:CSP and related products. The issue allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Affected products/versions include SES:CSP 1.0.x before 1.0 MP5, SES:CSP for Controllers and D...

8.8CVSS8.7AI score0.01697EPSS