Filtered by vendor Symantec
Subscriptions
Total
571 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-1649 | 1 Symantec | 1 Workspace Streaming | 2025-04-12 | N/A |
The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS. | ||||
CVE-2014-1650 | 1 Symantec | 1 Web Gateway | 2025-04-12 | N/A |
SQL injection vulnerability in user.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2015-8156 | 1 Symantec | 1 Endpoint Encryption | 2025-04-12 | N/A |
Unquoted Windows search path vulnerability in EEDService in Symantec Endpoint Encryption (SEE) 11.x before 11.1.1 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe. | ||||
CVE-2015-8801 | 1 Symantec | 1 Endpoint Protection Manager | 2025-04-12 | N/A |
Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device. | ||||
CVE-2015-6549 | 1 Symantec | 1 Netbackup Opscenter | 2025-04-12 | N/A |
Cross-site scripting (XSS) vulnerability in an application console in the server in Symantec NetBackup OpsCenter before 7.7.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2015-6555 | 1 Symantec | 1 Endpoint Protection Manager | 2025-04-12 | N/A |
Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary Java code by connecting to the console Java port. | ||||
CVE-2015-1491 | 1 Symantec | 1 Endpoint Protection Manager | 2025-04-12 | N/A |
SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2016-3649 | 1 Symantec | 1 Endpoint Protection Manager | 2025-04-12 | N/A |
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated administrators to enumerate administrator accounts via modified GET requests. | ||||
CVE-2016-3651 | 1 Symantec | 1 Endpoint Protection Manager | 2025-04-12 | N/A |
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors. | ||||
CVE-2014-7287 | 1 Symantec | 2 Encryption Management Server, Pgp Universal Server | 2025-04-12 | N/A |
The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a crafted key UID value in an inbound e-mail message, as demonstrated by the outbound Subject header. | ||||
CVE-2015-1487 | 1 Symantec | 1 Endpoint Protection Manager | 2025-04-12 | N/A |
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename. | ||||
CVE-2015-1485 | 1 Symantec | 1 Data Loss Prevention | 2025-04-12 | N/A |
Cross-site request forgery (CSRF) vulnerability in the administration console in the Enforce Server in Symantec Data Loss Prevention (DLP) before 12.5.2 allows remote attackers to hijack the authentication of administrators. | ||||
CVE-2015-1489 | 1 Symantec | 1 Endpoint Protection Manager | 2025-04-12 | N/A |
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors. | ||||
CVE-2015-1486 | 1 Symantec | 1 Endpoint Protection Manager | 2025-04-12 | N/A |
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote attackers to bypass authentication via a crafted password-reset action that triggers a new administrative session. | ||||
CVE-2015-1488 | 1 Symantec | 1 Endpoint Protection Manager | 2025-04-12 | N/A |
An unspecified action handler in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via unknown vectors. | ||||
CVE-2015-8149 | 1 Symantec | 1 Encryption Management Server | 2025-04-12 | N/A |
The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted requests. | ||||
CVE-2014-9226 | 2 Broadcom, Symantec | 2 Symantec Critical System Protection, Data Center Security | 2025-04-12 | N/A |
The management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows local users to bypass intended Protection Policies via unspecified vectors. | ||||
CVE-2014-7288 | 1 Symantec | 2 Encryption Management Server, Pgp Universal Server | 2025-04-12 | N/A |
Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action. | ||||
CVE-2014-9227 | 1 Symantec | 1 Endpoint Protection | 2025-04-12 | N/A |
Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
CVE-2014-7285 | 1 Symantec | 1 Web Gateway | 2025-04-12 | N/A |
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts. |