Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2007-4422
The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote malicious users to enumerate valid usernames.
Symantec Enterprise Firewall 6
9.3
CVSSv2
CVE-2007-2514
Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote malicious users to execute arbitrary code via a long request. NOTE: thi...
Symantec Discovery 6.5
Centennial Discovery 2006 Featurepack1
Numara Asset Manager 8.0
9.3
CVSSv2
CVE-2007-2279
The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote malicious users to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under...
Symantec Veritas Storage Foundation 5.0
9.3
CVSSv2
CVE-2007-1252
Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from third party sources.
Symantec Mail Security 5.0
9.3
CVSSv2
CVE-2007-0515
Unspecified vulnerability in Microsoft Word allows user-assisted remote malicious users to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Tr...
Microsoft Office 2000
Microsoft Word Viewer 2003
Microsoft Works 2004
Microsoft Word 2002
Microsoft Word 2003
Microsoft Office Xp
Microsoft Word 2000
Microsoft Office 2003
Microsoft Office 2004
Microsoft Works 2005
Microsoft Works 2006
2 EDB exploits
9.3
CVSSv2
CVE-2004-1029
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote malicious users to load unsafe classes and execute...
Hp Java Sdk-rte 1.3
Sun Jdk 1.3.1 02
Sun Jdk 1.3.1 03
Sun Jdk 1.3.1 06
Sun Jdk 1.4.0 02
Sun Jdk 1.4.0 03
Sun Jdk 1.4.1
Sun Jdk 1.4.1 03
Sun Jdk 1.4.2 03
Sun Jdk 1.4
Sun Jre 1.3.0
Sun Jre 1.3.1
Sun Jre 1.3.1 02
Sun Jre 1.3.1 05
Sun Jre 1.3.1 06
Sun Jre 1.3.1 09
Sun Jre 1.4.0 03
Sun Jre 1.4.1
Sun Jre 1.4.1 07
Sun Jre 1.4.2
Conectiva Linux 10.0
Sun Jdk 1.3.1 05
1 EDB exploit
9
CVSSv2
CVE-2021-30648
The Symantec Advanced Secure Gateway (ASG) and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the a...
Broadcom Symantec Proxysg
Broadcom Symantec Advanced Secure Gateway S200-30 Firmware
Broadcom Symantec Advanced Secure Gateway S200-40 Firmware
Broadcom Symantec Advanced Secure Gateway S400-20 Firmware
Broadcom Symantec Advanced Secure Gateway S400-30 Firmware
Broadcom Symantec Advanced Secure Gateway S400-40 Firmware
Broadcom Symantec Advanced Secure Gateway 500-10 Firmware
Broadcom Symantec Advanced Secure Gateway S500-20 Firmware
9
CVSSv2
CVE-2020-12594
A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance. This affects SMG before 10.7.4.
Broadcom Symantec Messaging Gateway
9
CVSSv2
CVE-2018-12237
The Symantec Reporter CLI 10.1 before 10.1.5.6 and 10.2 before 10.2.1.8 is susceptible to an OS command injection vulnerability. An authenticated malicious administrator with Enable mode access can execute arbitrary OS commands with elevated system privileges.
Symantec Reporter
9
CVSSv2
CVE-2015-4523
Blue Coat Malware Analysis Appliance (MAA) prior to 4.2.5 and Malware Analyzer G2 allow remote malicious users to bypass a virtual machine protection mechanism and consequently write to arbitrary files, cause a denial of service (host reboot or reset to factory defaults), or exec...
Symantec Malware Analyzer G2
Symantec Malware Analysis Appliance
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »