Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endpoint protection manager vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2016-3653
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.
Symantec Endpoint Protection Manager
1 EDB exploit
3.3
CVSSv3
CVE-2020-5833
Symantec Endpoint Protection Manager, before 14.3, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
Symantec Endpoint Protection Manager
8.8
CVSSv3
CVE-2015-8154
The SysPlant.sys driver in the Application and Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6-MP4 allows remote malicious users to execute arbitrary code via a crafted HTML document, related to "RWX Permissions."
Symantec Endpoint Protection Manager
1 Article
8
CVSSv3
CVE-2015-8152
Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script.
Symantec Endpoint Protection Manager
1 Article
8.8
CVSSv3
CVE-2015-8153
SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Symantec Endpoint Protection Manager
1 Article
6.8
CVSSv3
CVE-2016-5304
Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Symantec Endpoint Protection Manager
1 EDB exploit
5.4
CVSSv3
CVE-2016-5305
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via a "DOM link manipulation" attack.
Symantec Endpoint Protection Manager
5.3
CVSSv3
CVE-2016-5306
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network for unintended HTTP traffic on port 8445.
Symantec Endpoint Protection Manager
4.3
CVSSv3
CVE-2016-5307
Directory traversal vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to read arbitrary files in the web-root directory tree via unspecified vectors.
Symantec Endpoint Protection Manager
2.9
CVSSv3
CVE-2015-8801
Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.
Symantec Endpoint Protection Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »