Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec endpoint protection vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2016-3647
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request.
Symantec Endpoint Protection Manager
356
VMScore
CVE-2016-3648
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to bypass the Authentication Lock protection mechanism, and conduct brute-force password-guessing attacks against management-console accounts, by entering data into the authorization...
Symantec Endpoint Protection Manager
356
VMScore
CVE-2016-3649
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated administrators to enumerate administrator accounts via modified GET requests.
Symantec Endpoint Protection Manager
356
VMScore
CVE-2016-3650
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover credentials via a brute-force attack.
Symantec Endpoint Protection Manager
356
VMScore
CVE-2016-5307
Directory traversal vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to read arbitrary files in the web-root directory tree via unspecified vectors.
Symantec Endpoint Protection Manager
356
VMScore
CVE-2015-1488
An unspecified action handler in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via unknown vectors.
Symantec Endpoint Protection Manager 12.1.0
355
VMScore
CVE-2016-3652
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Endpoint Protection Manager
1 EDB exploit
321
VMScore
CVE-2020-5825
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), before 14.2 RU2 MP1 and before 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to o...
Symantec Endpoint Protection 11.0
Symantec Endpoint Protection 12.1
Symantec Endpoint Protection 14.0.0
Symantec Endpoint Protection 14.0.1
Symantec Endpoint Protection 14.2
Symantec Endpoint Protection 12.0
2 Github repositories
320
VMScore
CVE-2017-13680
Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system.
Symantec Endpoint Protection
Symantec Endpoint Protection 14
312
VMScore
CVE-2018-5236
Symantec Endpoint Protection before 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events.
Symantec Endpoint Protection
Symantec Endpoint Protection 12.1
Symantec Endpoint Protection 14.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »