Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-23951
Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application
Broadcom Symantec Identity Governance And Administration 14.3
Broadcom Symantec Identity Governance And Administration 14.4.1
Broadcom Symantec Identity Governance And Administration 14.4.2
Broadcom Symantec Identity Manager 14.4
Broadcom Symantec Identity Manager 14.3
NA
CVE-2023-23949
An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser.
Broadcom Symantec Identity Governance And Administration 14.3
Broadcom Symantec Identity Governance And Administration 14.4.1
Broadcom Symantec Identity Governance And Administration 14.4.2
Broadcom Symantec Identity Manager 14.4
Broadcom Symantec Identity Manager 14.3
NA
CVE-2022-25631
Symantec Endpoint Protection, before 14.3 RU6 (14.3.9210.6000), may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated
Broadcom Symantec Endpoint Protection
NA
CVE-2022-25626
An unauthenticated user can access Identity Manager’s management console specific page URLs. However, the system doesn’t allow the user to carry out server side tasks without a valid web session.
Broadcom Symantec Identity Governance And Administration 14.3
Broadcom Symantec Identity Governance And Administration 14.4
NA
CVE-2022-25627
An authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.4
Broadcom Symantec Identity Governance And Administration 14.3
Broadcom Symantec Identity Governance And Administration 14.4
NA
CVE-2022-25628
An authenticated user can perform XML eXternal Entity injection in Management Console in Symantec Identity Manager 14.4
Broadcom Symantec Identity Governance And Administration 14.3
Broadcom Symantec Identity Governance And Administration 14.4
NA
CVE-2022-25629
An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column).
Symantec Messaging Gateway
NA
CVE-2022-25630
An authenticated user can embed malicious content with XSS into the admin group policy page.
Symantec Messaging Gateway
NA
CVE-2022-37016
Symantec Endpoint Protection (Windows) agent may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an applic...
Broadcom Symantec Endpoint Protection
NA
CVE-2022-37017
Symantec Endpoint Protection (Windows) agent, before 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to...
Broadcom Symantec Endpoint Protection
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »