Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endpoint manager vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2015-1487
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename.
Symantec Endpoint Protection Manager 12.1.0
1 EDB exploit
5.5
CVSSv2
CVE-2015-1490
Directory traversal vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via a relative pathname in a client installation package.
Symantec Endpoint Protection Manager 12.1.0
8.5
CVSSv2
CVE-2015-1492
Untrusted search path vulnerability in the client in Symantec Endpoint Protection 12.1 prior to 12.1-RU6-MP1 allows local users to gain privileges via a Trojan horse DLL in a client install package.
Symantec Endpoint Protection Manager 12.1.0
9.3
CVSSv2
CVE-2014-6140
IBM Tivoli Endpoint Manager Mobile Device Management (MDM) prior to 9.0.60100 uses the same secret HMAC token across different customers' installations, which allows remote malicious users to execute arbitrary code via crafted marshalled Ruby objects in cookies to (1) Enroll...
Ibm Tivoli Endpoint Manager Mobile Device Management
6.8
CVSSv2
CVE-2014-4774
Cross-site request forgery (CSRF) vulnerability in the login page in IBM License Metric Tool 9 prior to 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 prior to 9.1.0.2 allows remote malicious users to hijack the authentication of arbitrary users via vectors involving a ...
Ibm Endpoint Manager Family 9.1.0
Ibm Endpoint Manager Family 9.0.1
Ibm License Metric Tool 9.1.0.1
Ibm License Metric Tool 9.0
Ibm License Metric Tool 9.0.1
4.3
CVSSv2
CVE-2014-4778
IBM License Metric Tool 9 prior to 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 prior to 9.1.0.2 do not send an X-Frame-Options HTTP header in response to requests for the login page, which allows remote malicious users to conduct clickjacking attacks via vectors invo...
Ibm Endpoint Manager Family 9.1.0
Ibm Endpoint Manager Family 9.0.1
Ibm License Metric Tool 9.1.0.1
Ibm License Metric Tool 9.0
Ibm License Metric Tool 9.0.1
6.8
CVSSv2
CVE-2013-0452
Cross-site request forgery (CSRF) vulnerability in the Software Use Analysis (SUA) application prior to 1.3.3 in IBM Tivoli Endpoint Manager 8.2 allows remote malicious users to hijack the authentication of arbitrary users via a web site that contains crafted Flash Action Message...
Ibm Tivoli Endpoint Manager 8.2
Ibm Software Use Analysis
5
CVSSv2
CVE-2012-1821
The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x up to and including 11.0.700x on Windows Server 2003 allows remote malicious users to cause a denial of service (web-server outage, or daemon crash or hang) via a flood o...
Symantec Endpoint Protection 11.0.6000
Symantec Endpoint Protection 11.0.6100
Symantec Endpoint Protection 11.0.6200
Symantec Endpoint Protection 11.0.6200.754
Symantec Endpoint Protection 11.0.6300
Symantec Endpoint Protection 11.0.7000
Symantec Endpoint Protection 11.0.7100
6.8
CVSSv2
CVE-2011-0551
Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x up to and including 11.0.6300 allows remote malicious users to hijack the authentication of administrators for requests that cre...
Symantec Endpoint Protection 11.0.6300
Symantec Endpoint Protection 11.0.6200.754
Symantec Endpoint Protection 11.0.6100
Symantec Endpoint Protection 11.0.6000
Symantec Endpoint Protection 11.0.6200
7.5
CVSSv2
CVE-2010-0114
fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x prior to 11 RU6 MP2 allows remote malicious users to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code...
Symantec Endpoint Protection 11.0.4
Symantec Endpoint Protection 11.0.2
Symantec Endpoint Protection 11.0.1
Symantec Endpoint Protection 11.0
Symantec Endpoint Protection 11.0.3001
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »