| CVE-2017-15530 |
low |
3.3 |
3.3 |
|
|
symantec |
9y ago |
Prior to 4.4.1.10, the Norton Family Android App can be susceptible to an Information Disclosure issue. Information disclosure is a very common issue that attackers will attempt to exploit as a first… |
| CVE-2015-8801 |
low |
2.9 |
2.9 |
|
|
symantec |
10y ago |
Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations befo… |
| CVE-2015-6556 |
low |
— |
2.3 |
|
|
symantec |
11y ago |
EACommunicatorSrv.exe in the Framework Service in the client in Symantec Endpoint Encryption (SEE) before 11.1.0 allows remote authenticated users to discover credentials by triggering a memory dump. |
| CVE-2015-6549 |
low |
— |
3.5 |
|
|
symantec |
11y ago |
Cross-site scripting (XSS) vulnerability in an application console in the server in Symantec NetBackup OpsCenter before 7.7.1 allows remote authenticated users to inject arbitrary web script or HTML … |
| CVE-2014-9224 |
low |
— |
4.5 |
EXP |
|
broadcomsymantec |
12y ago |
Cross-site scripting (XSS) vulnerability in the ajaxswing webui in the Management Console server in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec … |
| CVE-2014-1652 |
low |
— |
2.3 |
|
|
symantec |
12y ago |
Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec Web Gateway (SWG) before 5.2 allow remote authenticated users to inject arbitrary web script or HTML via unsp… |
| CVE-2014-1647 |
low |
— |
2.6 |
|
|
symantec |
12y ago |
Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform block-data moves, which allows remote attackers to cause a denial of se… |
| CVE-2014-1646 |
low |
— |
2.6 |
|
|
symantec |
12y ago |
Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform memory copies, which allows remote attackers to cause a denial of servi… |
| CVE-2013-4678 |
low |
— |
2.7 |
|
|
symantec |
13y ago |
The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain sensitive host-version information via unspecified … |
| CVE-2013-1615 |
low |
— |
2.9 |
|
|
symantec |
13y ago |
The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote attackers to obtain sensitive information via unspec… |
| CVE-2013-1611 |
low |
— |
3.5 |
|
|
symantec |
13y ago |
Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitra… |
| CVE-2012-3582 |
low |
— |
2.9 |
|
|
symantec |
14y ago |
Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include key search requests, which might allow remote attackers to read a private key in opportunistic circ… |
| CVE-2012-3581 |
low |
— |
3.3 |
|
|
symantec |
14y ago |
Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors. |
| CVE-2012-0300 |
low |
— |
3.3 |
|
|
symantec |
14y ago |
Brightmail Control Center in Symantec Message Filter 6.3 does not properly restrict establishment of sessions to the listening port, which allows remote attackers to obtain potentially sensitive vers… |
| CVE-2010-0106 |
low |
— |
1.9 |
|
|
symantec |
17y ago |
The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attacker… |
