Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec endpoint protection vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2018-12244
SEP (Mac client) prior to and including 12.1 RU6 MP9 and before 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.
Symantec Endpoint Protection 14.2
Symantec Endpoint Protection 14.0.1
Symantec Endpoint Protection 12.1
Symantec Endpoint Protection 11.0
Symantec Endpoint Protection 14.0.0
Symantec Endpoint Protection 14
605
VMScore
CVE-2018-18369
Norton Security (Windows client) before 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call...
Symantec Norton Security
Symantec Endpoint Protection Cloud Agent
Symantec Endpoint Protection Sep-12.1.7484.7002
Symantec Endpoint Protection Nis-22.15.2.22
Symantec Endpoint Protection Cloud
605
VMScore
CVE-2018-12245
Symantec Endpoint Protection before 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exp...
Symantec Endpoint Protection
605
VMScore
CVE-2016-9094
Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. before 14.0 MP1 and 12.1 RU6 MP7, the potential exists...
Symantec Endpoint Protection 12.1.6
Symantec Endpoint Protection
605
VMScore
CVE-2016-3653
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.
Symantec Endpoint Protection Manager
1 EDB exploit
605
VMScore
CVE-2011-0551
Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x up to and including 11.0.6300 allows remote malicious users to hijack the authentication of administrators for requests that cre...
Symantec Endpoint Protection 11.0.6200
Symantec Endpoint Protection 11.0.6200.754
Symantec Endpoint Protection 11.0.6000
Symantec Endpoint Protection 11.0.6100
Symantec Endpoint Protection 11.0.6300
578
VMScore
CVE-2018-5237
Symantec Endpoint Protection before 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
Symantec Endpoint Protection 12.1
Symantec Endpoint Protection 14.0
Symantec Endpoint Protection
578
VMScore
CVE-2014-9229
Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) prior to 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role.
Symantec Endpoint Protection
555
VMScore
CVE-2015-1487
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename.
Symantec Endpoint Protection Manager 12.1.0
1 EDB exploit
534
VMScore
CVE-2016-3651
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors.
Symantec Endpoint Protection Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »