Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec management console vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-3433
Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x prior to 4.5 allows remote malicious users to inject arbitrary web script or HTML via an unspecified form field, related to an "HTML script injection" issue.
Symantec Data Insight 4.0
Symantec Data Insight 3.0.1
Symantec Data Insight 3.0
4.3
CVSSv2
CVE-2013-4676
Multiple cross-site scripting (XSS) vulnerabilities in Symantec Backup Exec 2010 R3 prior to 2010 R3 SP3 and 2012 before SP2 allow remote malicious users to inject arbitrary web script or HTML via vectors involving a (1) custom-reports generation page, (2) Storage Devices creatio...
Symantec Backup Exec 2010 R3
Symantec Backup Exec 2012
6.5
CVSSv2
CVE-2016-2204
The management console on Symantec Messaging Gateway (SMG) Appliance devices prior to 10.6.1 allows local users to obtain root-shell access via crafted terminal-window input.
Symantec Messaging Gateway 10.6.0
Symantec Messaging Gateway
5.8
CVSSv2
CVE-2014-1651
SQL injection vulnerability in clientreport.php in the management console in Symantec Web Gateway (SWG) prior to 5.2 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Symantec Web Gateway
Symantec Web Gateway 5.1
7.5
CVSSv2
CVE-2014-3437
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote malicious users to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, rel...
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
Symantec Endpoint Protection Manager 12.1.0
Symantec Endpoint Protection Manager 12.1.3
Symantec Endpoint Protection Manager
1 EDB exploit
7.5
CVSSv2
CVE-2013-5014
The management console in Symantec Endpoint Protection Manager (SEPM) 11.0 prior to 11.0.7405.1424 and 12.1 prior to 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x prior to 12.1.4023.4080, allows remote malicious users to read arbitrary files via XML d...
Symantec Protection Center 12.0
Symantec Endpoint Protection Manager 12.1.0
Symantec Endpoint Protection Manager 11.0
Symantec Endpoint Protection Manager 12.1.3
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
2 EDB exploits
2.3
CVSSv2
CVE-2014-1652
Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec Web Gateway (SWG) prior to 5.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified report parameters.
Symantec Web Gateway
Symantec Web Gateway 5.1
6.5
CVSSv2
CVE-2013-5015
SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 11.0 prior to 11.0.7405.1424 and 12.1 prior to 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x prior to 12.1.4023.4080, allows remote authenticated user...
Symantec Endpoint Protection Manager 11.0
Symantec Protection Center 12.0
Symantec Endpoint Protection Manager 12.1.0
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
Symantec Endpoint Protection Manager 12.1.3
2 EDB exploits
10
CVSSv2
CVE-2008-0640
Symantec Ghost Solution Suite 1.1 prior to 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote malicious users to execute arbitrary commands via unspecified RPC requests in conjunction with ARP sp...
Symantec Ghost Solutions Suite 1.1
Symantec Ghost Solutions Suite 2.0.0
Symantec Ghost Solutions Suite 2.0.1
3.5
CVSSv2
CVE-2013-1611
Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Brightmail Gateway 9.5
Symantec Brightmail Gateway 9.5.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »