Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec endpoint protection vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv2
CVE-2020-5836
Symantec Endpoint Protection, before 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled.
Symantec Endpoint Protection
4.6
CVSSv2
CVE-2020-5837
Symantec Endpoint Protection, before 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege.
Symantec Endpoint Protection
1 Github repository
6.8
CVSSv2
CVE-2018-12245
Symantec Endpoint Protection before 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exp...
Symantec Endpoint Protection
4.4
CVSSv2
CVE-2014-9227
Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection (SEP) prior to 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory.
Symantec Endpoint Protection
6.5
CVSSv2
CVE-2014-9229
Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) prior to 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role.
Symantec Endpoint Protection
4.6
CVSSv2
CVE-2018-18368
Symantec Endpoint Protection Manager (SEPM), before 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protect...
Symantec Endpoint Protection Manager
3.3
CVSSv2
CVE-2015-8801
Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.
Symantec Endpoint Protection Manager
5
CVSSv2
CVE-2020-5834
Symantec Endpoint Protection Manager, before 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory.
Symantec Endpoint Protection Manager
4.4
CVSSv2
CVE-2020-5835
Symantec Endpoint Protection Manager, before 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine.
Symantec Endpoint Protection Manager
4.9
CVSSv2
CVE-2016-5304
Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Symantec Endpoint Protection Manager
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »