Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endpoint protection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-3007
The myCIOScn ActiveX control (myCIOScn.dll) in McAfee SaaS Endpoint Protection 5.2.1 and previous versions allows remote malicious users to write to arbitrary files by specifying an arbitrary filename in the MyCioScan.Scan.ReportFile parameter, as demonstrated by injecting script...
Mcafee Saas Endpoint Protection
8
CVSSv3
CVE-2015-8152
Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script.
Symantec Endpoint Protection Manager
1 Article
8.8
CVSSv3
CVE-2015-8154
The SysPlant.sys driver in the Application and Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6-MP4 allows remote malicious users to execute arbitrary code via a crafted HTML document, related to "RWX Permissions."
Symantec Endpoint Protection Manager
1 Article
3.3
CVSSv3
CVE-2020-5833
Symantec Endpoint Protection Manager, before 14.3, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
Symantec Endpoint Protection Manager
5.3
CVSSv3
CVE-2020-5834
Symantec Endpoint Protection Manager, before 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory.
Symantec Endpoint Protection Manager
7
CVSSv3
CVE-2020-5835
Symantec Endpoint Protection Manager, before 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine.
Symantec Endpoint Protection Manager
7.5
CVSSv3
CVE-2022-37017
Symantec Endpoint Protection (Windows) agent, before 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to...
Broadcom Symantec Endpoint Protection
8.8
CVSSv3
CVE-2015-8153
SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Symantec Endpoint Protection Manager
1 Article
7.8
CVSSv3
CVE-2018-9233
Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for malicious users to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow...
Sophos Endpoint Protection 10.7
1 EDB exploit
5.4
CVSSv3
CVE-2016-3652
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Endpoint Protection Manager
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »