Symantec

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-1612 1Symantec 2Endpoint Protection Center Endpoint Protection Manager Apr 29, 2026 Jun 20, 2013 N/A· v4 N/A· v3 7.9 HIGH· v2 Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote atta...Show more Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote attackers to execute arbitrary code via unspecified vectors.Show less
CVE-2013-1611 1Symantec 1Brightmail Gateway Apr 29, 2026 May 9, 2013 N/A· v4 N/A· v3 3.5 LOW· v2 Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML...Show more Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.Show less
CVE-2013-1609 1Symantec 1Enterprise Vault For File System Archiving Apr 29, 2026 Mar 26, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow loca...Show more Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program.Show less
CVE-2013-1608 1Symantec 1Netbackup Appliance Apr 29, 2026 Mar 26, 2013 N/A· v4 N/A· v3 6.7 MEDIUM· v2 Directory traversal vulnerability in the Management Console on the Symantec NetBackup (NBU) appliance 2.0.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2012-6533 1Symantec 2Encryption Desktop Pgp Desktop Apr 29, 2026 Feb 18, 2013 N/A· v4 N/A· v3 4.4 MEDIUM· v2 Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP and Server 2003 allows local users to gain privileges via a crafted application.
CVE-2012-4351 1Symantec 2Encryption Desktop Pgp Desktop Apr 29, 2026 Feb 18, 2013 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Integer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 allows local users to gain privileges via a crafted application.
CVE-2012-4350 1Symantec 1Enterprise Security Manager Apr 29, 2026 Dec 18, 2012 N/A· v4 N/A· v3 7.2 HIGH· v2 Multiple unquoted Windows search path vulnerabilities in the (1) Manager and (2) Agent components in Symantec Enterprise Security Manager (ESM) before 11.0 allow local users to gain privileges via unspecified vectors.
CVE-2012-4348 1Symantec 1Endpoint Protection Apr 29, 2026 Dec 18, 2012 N/A· v4 N/A· v3 7.2 HIGH· v2 The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP...Show more The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors.Show less
CVE-2012-4349 1Symantec 1Network Access Control Apr 29, 2026 Dec 11, 2012 N/A· v4 N/A· v3 7.2 HIGH· v2 Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors.
CVE-2012-4347 1Symantec 1Messaging Gateway Apr 29, 2026 Dec 5, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in...Show more Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSelection parameter in an APPLIANCE restoreSource action to brightmail/admin/restore/download.do.Show less
CVE-2012-4953 1Symantec 3Antivirus Endpoint ProtectionScan Engine Apr 29, 2026 Nov 14, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 d...Show more The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file.Show less
CVE-2012-0306 1Symantec 1Ghost Solutions Suite Apr 29, 2026 Oct 18, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Symantec Ghost Solution Suite 2.x through 2.5.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted backup file.
CVE-2012-3582 1Symantec 1Pgp Universal Server Apr 29, 2026 Sep 4, 2012 N/A· v4 N/A· v3 2.9 LOW· v2 Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include key search requests, which might allow remote attackers to read a private key in opportunistic circumstances by making a...Show more Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include key search requests, which might allow remote attackers to read a private key in opportunistic circumstances by making a request near the end of a user's session.Show less
CVE-2012-3581 1Symantec 1Messaging Gateway Apr 29, 2026 Aug 29, 2012 N/A· v4 N/A· v3 3.3 LOW· v2 Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors.
CVE-2012-3580 1Symantec 1Messaging Gateway Apr 29, 2026 Aug 29, 2012 N/A· v4 N/A· v3 7.7 HIGH· v2 Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface.
CVE-2012-3579 1Symantec 1Messaging Gateway Apr 29, 2026 Aug 29, 2012 N/A· v4 N/A· v3 7.9 HIGH· v2 Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session.
CVE-2012-0308 1Symantec 1Messaging Gateway Apr 29, 2026 Aug 29, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to hijack the authentication of administrators.
CVE-2012-0307 1Symantec 1Messaging Gateway Apr 29, 2026 Aug 29, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) before 10.0 allow remote attackers to inject arbitrary web script or HTML via (1) web content or (2) e-mail content.
CVE-2010-5168 1Symantec 1Norton Internet Security 2010 Apr 29, 2026 Aug 25, 2012 N/A· v4 N/A· v3 6.2 MEDIUM· v2 Race condition in Symantec Norton Internet Security 2010 17.5.0.127 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not bl...Show more Race condition in Symantec Norton Internet Security 2010 17.5.0.127 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to executeShow less
CVE-2010-3497 1Symantec 1Norton Antivirus Apr 29, 2026 Aug 22, 2012 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Symantec Norton AntiVirus 2011 does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that...Show more Symantec Norton AntiVirus 2011 does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution. NOTE: the researcher indicates that a vendor response was received, stating that this issue "falls into the work of our Firewall and not our AV (per our methodology of layers of defense)."Show less

Previous 1...121314...29 Next