Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endpoint manager vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-5834
Symantec Endpoint Protection Manager, before 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory.
Symantec Endpoint Protection Manager
4.4
CVSSv2
CVE-2020-5835
Symantec Endpoint Protection Manager, before 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine.
Symantec Endpoint Protection Manager
NA
CVE-2023-35078
An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication.
Ivanti Endpoint Manager Mobile
9 Github repositories
4 Articles
5
CVSSv2
CVE-2016-5306
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network for unintended HTTP traffic on port 8445.
Symantec Endpoint Protection Manager
8.5
CVSSv2
CVE-2015-8152
Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script.
Symantec Endpoint Protection Manager
1 Article
4.6
CVSSv2
CVE-2022-24527
Microsoft Endpoint Configuration Manager Elevation of Privilege Vulnerability
Microsoft Endpoint Configuration Manager -
3.3
CVSSv2
CVE-2015-8801
Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.
Symantec Endpoint Protection Manager
3.5
CVSSv2
CVE-2018-8888
A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an malicious user to store script commands that could later be executed in the context of another Management Console administrator.
Blackberry Unified Endpoint Manager
4.3
CVSSv2
CVE-2018-8892
A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an malicious user to make modifications to the UEM settings in the context of a Management Console administrator.
Blackberry Unified Endpoint Manager
4
CVSSv2
CVE-2016-3647
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request.
Symantec Endpoint Protection Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »