Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endpoint manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3438
Multiple cross-site scripting (XSS) vulnerabilities in console interface scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
Symantec Endpoint Protection Manager 12.1.3
Symantec Endpoint Protection Manager
Symantec Endpoint Protection Manager 12.1.0
1 EDB exploit
NA
CVE-2014-3437
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote malicious users to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, rel...
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
Symantec Endpoint Protection Manager 12.1.0
Symantec Endpoint Protection Manager 12.1.3
Symantec Endpoint Protection Manager
1 EDB exploit
NA
CVE-2014-3439
ConsoleServlet in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote malicious users to write to arbitrary files via unspecified vectors.
Symantec Endpoint Protection Manager 12.1.0
Symantec Endpoint Protection Manager 12.1.3
Symantec Endpoint Protection Manager
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
1 EDB exploit
9.8
CVSSv3
CVE-2022-27773
A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privileges.
Ivanti Endpoint Manager 2021.1
Ivanti Endpoint Manager
Ivanti Endpoint Manager 2022
7.8
CVSSv3
CVE-2018-18367
Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and before 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malic...
Symantec Endpoint Protection Manager 14.0.1
Symantec Endpoint Protection Manager 14.1
Symantec Endpoint Protection Manager 12.1
Symantec Endpoint Protection Manager 14
Symantec Endpoint Protection Manager 14.2
5.5
CVSSv3
CVE-2020-6933
An improper input validation vulnerability in the UEM Core of BlackBerry UEM version(s) 12.13.0, 12.12.1a QF2 (and previous versions), and 12.11.1 QF3 (and previous versions) could allow an malicious user to potentially cause a Denial of Service (DoS) of the UEM Core service.
Blackberry Unified Endpoint Manager
Blackberry Unified Endpoint Manager 12.11.1
Blackberry Unified Endpoint Manager 12.12.1a
Blackberry Unified Endpoint Manager 12.13.0
8.8
CVSSv3
CVE-2017-11463
In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference leads to referencing/updating objects belonging to other users. In other words, a normal user can send requests to a specific URI with the target...
Ivanti Endpoint Manager 2017.3
Ivanti Endpoint Manager 2016.4
Ivanti Endpoint Manager 2017.1
9.8
CVSSv3
CVE-2019-10651
An issue exists in the Core Server in Ivanti Endpoint Manager (EPM) 2017.3 before SU7 and 2018.x prior to 2018.3 SU3, with remote code execution. In other words, the issue affects 2017.3, 2018.1, and 2018.3 installations that lack the April 2019 update.
Ivanti Endpoint Manager 2018.3
Ivanti Endpoint Manager 2018.1
Ivanti Endpoint Manager 2017.3
NA
CVE-2013-5014
The management console in Symantec Endpoint Protection Manager (SEPM) 11.0 prior to 11.0.7405.1424 and 12.1 prior to 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x prior to 12.1.4023.4080, allows remote malicious users to read arbitrary files via XML d...
Symantec Protection Center 12.0
Symantec Endpoint Protection Manager 12.1.0
Symantec Endpoint Protection Manager 11.0
Symantec Endpoint Protection Manager 12.1.3
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
2 EDB exploits
NA
CVE-2013-5015
SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 11.0 prior to 11.0.7405.1424 and 12.1 prior to 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x prior to 12.1.4023.4080, allows remote authenticated user...
Symantec Endpoint Protection Manager 11.0
Symantec Protection Center 12.0
Symantec Endpoint Protection Manager 12.1.0
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
Symantec Endpoint Protection Manager 12.1.3
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »