Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec endpoint protection manager vulnerabilities and exploits
(subscribe to this query)
739
VMScore
CVE-2015-8153
SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Symantec Endpoint Protection Manager
1 Article
668
VMScore
CVE-2015-6554
Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP3 allows remote malicious users to execute arbitrary OS commands via crafted data.
Symantec Endpoint Protection Manager
668
VMScore
CVE-2010-0114
fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x prior to 11 RU6 MP2 allows remote malicious users to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code...
Symantec Endpoint Protection 11.0
Symantec Endpoint Protection 11.0.1
Symantec Endpoint Protection 11.0.4
Symantec Endpoint Protection 11.0.2
Symantec Endpoint Protection 11.0.3001
660
VMScore
CVE-2013-5015
SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 11.0 prior to 11.0.7405.1424 and 12.1 prior to 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x prior to 12.1.4023.4080, allows remote authenticated user...
Symantec Endpoint Protection Manager 11.0
Symantec Protection Center 12.0
Symantec Endpoint Protection Manager 12.1.0
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
Symantec Endpoint Protection Manager 12.1.3
2 EDB exploits
641
VMScore
CVE-2019-12759
Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise t...
Symantec Endpoint Protection Manager
Symantec Endpoint Protection Manager 14.2
Symantec Mail Security
615
VMScore
CVE-2014-3439
ConsoleServlet in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote malicious users to write to arbitrary files via unspecified vectors.
Symantec Endpoint Protection Manager 12.1.0
Symantec Endpoint Protection Manager 12.1.3
Symantec Endpoint Protection Manager
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
1 EDB exploit
605
VMScore
CVE-2018-18367
Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and before 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malic...
Symantec Endpoint Protection Manager 14.0.1
Symantec Endpoint Protection Manager 14.1
Symantec Endpoint Protection Manager 12.1
Symantec Endpoint Protection Manager 14
Symantec Endpoint Protection Manager 14.2
605
VMScore
CVE-2016-3653
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.
Symantec Endpoint Protection Manager
1 EDB exploit
605
VMScore
CVE-2011-0551
Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x up to and including 11.0.6300 allows remote malicious users to hijack the authentication of administrators for requests that cre...
Symantec Endpoint Protection 11.0.6200
Symantec Endpoint Protection 11.0.6200.754
Symantec Endpoint Protection 11.0.6000
Symantec Endpoint Protection 11.0.6100
Symantec Endpoint Protection 11.0.6300
578
VMScore
CVE-2014-9229
Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) prior to 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role.
Symantec Endpoint Protection
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »