Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endpoint protection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-37017
Symantec Endpoint Protection (Windows) agent, before 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to...
Broadcom Symantec Endpoint Protection
312
VMScore
CVE-2016-5305
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via a "DOM link manipulation" attack.
Symantec Endpoint Protection Manager
445
VMScore
CVE-2016-5306
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network for unintended HTTP traffic on port 8445.
Symantec Endpoint Protection Manager
NA
CVE-2022-25631
Symantec Endpoint Protection, before 14.3 RU6 (14.3.9210.6000), may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated
Broadcom Symantec Endpoint Protection
356
VMScore
CVE-2016-3648
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to bypass the Authentication Lock protection mechanism, and conduct brute-force password-guessing attacks against management-console accounts, by entering data into the authorization...
Symantec Endpoint Protection Manager
356
VMScore
CVE-2016-3650
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover credentials via a brute-force attack.
Symantec Endpoint Protection Manager
534
VMScore
CVE-2016-3651
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors.
Symantec Endpoint Protection Manager
355
VMScore
CVE-2016-3652
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Endpoint Protection Manager
1 EDB exploit
605
VMScore
CVE-2016-3653
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.
Symantec Endpoint Protection Manager
1 EDB exploit
187
VMScore
CVE-2020-5833
Symantec Endpoint Protection Manager, before 14.3, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
Symantec Endpoint Protection Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »