Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endpoint protection vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv2
CVE-2016-5308
The Client Intrusion Detection System (CIDS) driver prior to 15.0.6 in Symantec Endpoint Protection (SEP) and prior to 15.1.2 in Norton Security allows remote malicious users to cause a denial of service (memory corruption and system crash) via a malformed Portable Executable (PE...
Symantec Client Intrusion Detection System
6.9
CVSSv2
CVE-2016-5311
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due t...
Symantec Endpoint Protection
Symantec Endpoint Protection Cloud
Symantec Norton 360
Symantec Norton Antivirus
Symantec Norton Antivirus With Backup
Symantec Norton Family
Symantec Norton Internet Security
Symantec Norton Security
Symantec Norton Security With Backup
6.9
CVSSv2
CVE-2016-9093
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and previous versions fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file...
Symantec Endpoint Protection
Symantec Endpoint Protection 12.1.6
6.9
CVSSv2
CVE-2014-3434
Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x prior to 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbitrary code via a long argument to a 0x00222084 IOCTL call.
Symantec Endpoint Protection 11.0
Symantec Endpoint Protection 12.0
Symantec Endpoint Protection 12.1
1 EDB exploit
1 Article
6.8
CVSSv2
CVE-2022-22947
In spring cloud gateway versions before 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote ex...
Vmware Spring Cloud Gateway 3.1.0
Vmware Spring Cloud Gateway
Oracle Commerce Guided Search 11.3.2
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Network Slice Selection Function 22.1.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Console 22.2.0
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
72 Github repositories
2 Articles
6.8
CVSSv2
CVE-2020-9363
The Sophos AV parsing engine prior to 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply t...
Sophos Cloud Optix
Sophos Endpoint Protection
Sophos Intercept X Endpoint
Sophos Intercept X For Server
Sophos Mobile
Sophos Secure Web Gateway
6.8
CVSSv2
CVE-2018-18367
Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and before 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malic...
Symantec Endpoint Protection Manager 14.0.1
Symantec Endpoint Protection Manager 14.1
Symantec Endpoint Protection Manager 12.1
Symantec Endpoint Protection Manager 14
Symantec Endpoint Protection Manager 14.2
6.8
CVSSv2
CVE-2018-12244
SEP (Mac client) prior to and including 12.1 RU6 MP9 and before 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.
Symantec Endpoint Protection 14.2
Symantec Endpoint Protection 14.0.1
Symantec Endpoint Protection 12.1
Symantec Endpoint Protection 11.0
Symantec Endpoint Protection 14.0.0
Symantec Endpoint Protection 14
6.8
CVSSv2
CVE-2018-18369
Norton Security (Windows client) before 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call...
Symantec Norton Security
Symantec Endpoint Protection Cloud Agent
Symantec Endpoint Protection Sep-12.1.7484.7002
Symantec Endpoint Protection Nis-22.15.2.22
Symantec Endpoint Protection Cloud
6.8
CVSSv2
CVE-2018-12245
Symantec Endpoint Protection before 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exp...
Symantec Endpoint Protection
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »