Filtered by vendor Symantec
Subscribe
Total
571 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-5823 | 1 Symantec | 1 Endpoint Protection | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
| CVE-2019-12753 | 1 Symantec | 1 Reporter | 2024-02-04 | 4.0 MEDIUM | 4.9 MEDIUM |
| An information disclosure vulnerability in Symantec Reporter web UI 10.3 prior to 10.3.2.5 allows a malicious authenticated administrator user to obtain passwords for external SMTP, FTP, FTPS, LDAP, and Cloud Log Download servers that they might not otherwise be authorized to access. The malicious administrator user can also obtain the passwords of other Reporter web UI users. | |||||
| CVE-2019-12754 | 1 Symantec | 1 Vip | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
| Symantec My VIP portal, previous version which has already been auto updated, was susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users or potentially bypass access controls such as the same-origin policy. | |||||
| CVE-2019-9703 | 1 Symantec | 1 Endpoint Encryption | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. | |||||
| CVE-2019-9702 | 1 Symantec | 1 Endpoint Encryption | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. | |||||
| CVE-2018-18371 | 2 Broadcom, Symantec | 2 Symantec Proxysg, Advanced Secure Gateway | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. An information disclosure vulnerability in the WebFTP mode allows a malicious user to obtain plaintext authentication credentials for a remote FTP server from the ASG/ProxySG's web listing of the FTP server. Affected versions: ASG 6.6 and 6.7 prior to 6.7.4.2; ProxySG 6.5 prior to 6.5.10.15, 6.6, and 6.7 prior to 6.7.4.2. | |||||
| CVE-2019-9697 | 1 Symantec | 1 Management Center | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability in the Management Center (MC) REST API 2.0, 2.1, and 2.2 prior to 2.2.2.1 allows a malicious authenticated user to obtain passwords for external backup and CPL policy import servers that they might not otherwise be authorized to access. | |||||
| CVE-2019-12751 | 1 Symantec | 1 Message Gateway | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
| CVE-2019-9701 | 1 Symantec | 1 Data Loss Prevention | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
| DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site scripting (XSS) vulnerability, a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. | |||||
| CVE-2019-12755 | 1 Symantec | 1 Norton Password Manager | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information. | |||||
| CVE-2019-12750 | 1 Symantec | 1 Endpoint Protection | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||