← Back

Symantec

symantec

571 CVEs • 247 products

Products (247)

Click to collapse
Toggle
Endpoint Protection
endpoint_protection
71 CVEs
Norton Antivirus
norton_antivirus
67 CVEs
Endpoint Protection Manager
endpoint_protection_manager
41 CVEs
Norton Internet Security
norton_internet_security
40 CVEs
Web Gateway
web_gateway
35 CVEs
Client Security
client_security
27 CVEs
Messaging Gateway
messaging_gateway
25 CVEs
Altiris Deployment Solution
altiris_deployment_solution
24 CVEs
Norton System Works
norton_system_works
19 CVEs
Mail Security
mail_security
19 CVEs
Pcanywhere
pcanywhere
18 CVEs
Norton Personal Firewall
norton_personal_firewall
18 CVEs
Enterprise Firewall
enterprise_firewall
15 CVEs
Antivirus
antivirus
15 CVEs
Norton 360
norton_360
14 CVEs
Norton Ghost
norton_ghost
13 CVEs
Encryption Desktop
encryption_desktop
11 CVEs
Antivirus Scan Engine
antivirus_scan_engine
10 CVEs
Endpoint Encryption
endpoint_encryption
10 CVEs
Protection Engine
protection_engine
10 CVEs
Message Gateway
message_gateway
10 CVEs
Norton Security
norton_security
10 CVEs
Brightmail Antispam
brightmail_antispam
9 CVEs
Encryption Management Server
encryption_management_server
9 CVEs
Mail Security For Microsoft Exchange
mail_security_for_microsoft_exchange
9 CVEs
Mail Security For Domino
mail_security_for_domino
9 CVEs
Advanced Threat Protection
advanced_threat_protection
9 CVEs
Protection For Sharepoint Servers
protection_for_sharepoint_servers
9 CVEs
Csapi
csapi
9 CVEs
Gateway Security
gateway_security
8 CVEs
Sygate Personal Firewall
sygate_personal_firewall
8 CVEs
Backupexec System Recovery
backupexec_system_recovery
8 CVEs
Norton Power Eraser
norton_power_eraser
8 CVEs
Norton Security With Backup
norton_security_with_backup
8 CVEs
Velociraptor
velociraptor
7 CVEs
Gateway Security 5400
gateway_security_5400
7 CVEs
Web Security
web_security
7 CVEs
Ghost Solutions Suite
ghost_solutions_suite
7 CVEs
Pgp Desktop
pgp_desktop
7 CVEs
Ngc
ngc
7 CVEs
Message Gateway For Service Providers
message_gateway_for_service_providers
7 CVEs
Norton Bootable Removal Tool
norton_bootable_removal_tool
7 CVEs
Data Center Security Server
data_center_security_server
7 CVEs
Endpoint Protection Cloud
endpoint_protection_cloud
7 CVEs
Raptor Firewall
raptor_firewall
6 CVEs
Firewall Vpn Appliance 100
firewall_vpn_appliance_100
6 CVEs
Firewall Vpn Appliance 200
firewall_vpn_appliance_200
6 CVEs
Firewall Vpn Appliance 200r
firewall_vpn_appliance_200r
6 CVEs
Norton Antispam
norton_antispam
6 CVEs
Altiris Notification Server
altiris_notification_server
6 CVEs
Antivirus Central Quarantine Server
antivirus_central_quarantine_server
6 CVEs
System Center
system_center
6 CVEs
Im Manager
im_manager
6 CVEs
Web Gateway Appliance 8450
web_gateway_appliance_8450
6 CVEs
Web Gateway Appliance 8490
web_gateway_appliance_8490
6 CVEs
Data Center Security
data_center_security
6 CVEs
Norton App Lock
norton_app_lock
6 CVEs
Liveupdate
liveupdate
5 CVEs
Veritas Storage Foundation
veritas_storage_foundation
5 CVEs
Workspace Streaming
workspace_streaming
5 CVEs
Liveupdate Administrator
liveupdate_administrator
5 CVEs
Backup Exec
backup_exec
5 CVEs
Clientless Vpn Gateway 4400
clientless_vpn_gateway_4400
4 CVEs
Discovery
discovery
4 CVEs
Security Information Manager
security_information_manager
4 CVEs
Enterprise Security Manager
enterprise_security_manager
4 CVEs
Backup Exec For Windows Server
backup_exec_for_windows_server
4 CVEs
Data Loss Prevention
data_loss_prevention
4 CVEs
Message Filter
message_filter
4 CVEs
Pgp Universal Server
pgp_universal_server
4 CVEs
Norton Password Manager
norton_password_manager
4 CVEs
Endpoint Detection And Response
endpoint_detection_and_response
4 CVEs
Client Firewall
client_firewall
3 CVEs
Gateway Security 5300
gateway_security_5300
3 CVEs
Nexland Isb Soho Firewall Appliance
nexland_isb_soho_firewall_appliance
3 CVEs
Nexland Pro100 Firewall Appliance
nexland_pro100_firewall_appliance
3 CVEs
Nexland Pro400 Firewall Appliance
nexland_pro400_firewall_appliance
3 CVEs
Nexland Pro800 Firewall Appliance
nexland_pro800_firewall_appliance
3 CVEs
Nexland Pro800turbo Firewall Appliance
nexland_pro800turbo_firewall_appliance
3 CVEs
Nexland Wavebase Firewall Appliance
nexland_wavebase_firewall_appliance
3 CVEs
Gateway Security 360
gateway_security_360
3 CVEs
Gateway Security 5000 Series
gateway_security_5000_series
3 CVEs
Norton Utilities
norton_utilities
3 CVEs
Automated Support Assistant
automated_support_assistant
3 CVEs
Veritas Netbackup Client
veritas_netbackup_client
3 CVEs
Veritas Netbackup Enterprise Server
veritas_netbackup_enterprise_server
3 CVEs
Veritas Netbackup Server
veritas_netbackup_server
3 CVEs
Livestate Recovery
livestate_recovery
3 CVEs
Norton Save And Recovery
norton_save_and_recovery
3 CVEs
Reporting Server
reporting_server
3 CVEs
Veritas Backup Exec
veritas_backup_exec
3 CVEs
Scan Engine
scan_engine
3 CVEs
Mail Security Appliance
mail_security_appliance
3 CVEs
Data Loss Prevention Detection Servers
data_loss_prevention_detection_servers
3 CVEs
Data Loss Prevention Endpoint Agents
data_loss_prevention_endpoint_agents
3 CVEs
Altiris Client Management Suite Pcanywhere Solution
altiris_client_management_suite_pcanywhere_solution
3 CVEs
Altiris Deployment Solution Remote Pcanywhere Solution
altiris_deployment_solution_remote_pcanywhere_solution
3 CVEs
Security Information Manager Appliance
security_information_manager_appliance
3 CVEs
Workspace Virtualization
workspace_virtualization
3 CVEs
Norton Family
norton_family
3 CVEs

CVEs (571)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2007-2955
1Symantec
3Norton Antivirus
Norton Internet SecurityNorton System Works
Apr 23, 2026
Aug 9, 2007
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Multiple unspecified "input validation error" vulnerabilities in multiple ActiveX controls in NavComUI.dll, as used in multiple Norton AntiVirus, Internet Security, and System Works products for 2006, allows remote attac...Show more
Multiple unspecified "input validation error" vulnerabilities in multiple ActiveX controls in NavComUI.dll, as used in multiple Norton AntiVirus, Internet Security, and System Works products for 2006, allows remote attackers to execute arbitrary code via (1) the AnomalyList property to AxSysListView32 and (2) Anomaly property to AxSysListView32OAA.Show less
CVE-2007-2950
3Centennial
NumaraSymantec
3Asset Manager
DiscoveryDiscovery
Apr 23, 2026
Jul 23, 2007
N/A· v4
N/A· v3
7.2 HIGH· v2
Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara Asset Manager 8.0 and (2) Symantec Discovery 6.5, uses insecure permissions on certain directories, which allows local users to gain privileges.
CVE-2007-3800
1Symantec
2Client Security
Norton Antivirus
Apr 23, 2026
Jul 16, 2007
N/A· v4
N/A· v3
6.0 MEDIUM· v2
Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows...Show more
Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code.Show less
CVE-2007-3771
1Symantec
2Client Security
Norton Antivirus
Apr 23, 2026
Jul 15, 2007
N/A· v4
N/A· v3
4.6 MEDIUM· v2
Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash)...Show more
Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message. NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error.Show less
CVE-2007-3673
1Symantec
6Client Security
Norton AntispamNorton Antivirus+3 more
Apr 23, 2026
Jul 15, 2007
N/A· v4
N/A· v3
6.9 MEDIUM· v2
Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewal...Show more
Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite.Show less
CVE-2007-3509
1Symantec
1Veritas Backup Exec
Apr 23, 2026
Jul 12, 2007
N/A· v4
N/A· v3
7.5 HIGH· v2
Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute arbitrary code via c...Show more
Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute arbitrary code via crafted ncacn_ip_tcp requests.Show less
CVE-2007-3666
1Symantec
1Norton Ghost
Apr 23, 2026
Jul 10, 2007
N/A· v4
N/A· v3
7.5 HIGH· v2
Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 allows remote attackers to execute arbitrary code via the Connect function.
CVE-2007-3665
1Symantec
1Norton Ghost
Apr 23, 2026
Jul 10, 2007
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote attackers to cause a denial of service via unspecified vectors involving the UpdateCatalog and other functions.
CVE-2007-1792
1Symantec
1Mail Security
Apr 23, 2026
Jun 27, 2007
N/A· v4
N/A· v3
7.8 HIGH· v2
libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash)...Show more
libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail, involving the detection of "PE-Shield v0.2" and "ASPack v1.00-1.08.02".Show less
CVE-2007-3132
1Symantec
2Ghost Solutions Suite
Norton Ghost
Apr 23, 2026
Jun 8, 2007
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requ...Show more
Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp.Show less
CVE-2007-3095
1Symantec
3Client Security
Norton AntivirusReporting Server
Apr 23, 2026
Jun 6, 2007
N/A· v4
N/A· v3
9.0 HIGH· v2
Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later,...Show more
Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, allows attackers to "disable the authentication system" and bypass authentication via unknown vectors.Show less
CVE-2007-2514
3Centennial
NumaraSymantec
3Asset Manager
DiscoveryDiscovery
Apr 23, 2026
Jun 6, 2007
N/A· v4
N/A· v3
9.3 HIGH· v2
Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers t...Show more
Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation duplicate of CVE-2007-1173.Show less
CVE-2007-3022
1Symantec
3Client Security
Norton AntivirusReporting Server
Apr 23, 2026
Jun 5, 2007
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, displays the password hash fo...Show more
Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, displays the password hash for a user after a failed login attempt, which makes it easier for remote attackers to conduct brute force attacks.Show less
CVE-2007-3021
1Symantec
3Client Security
Norton AntivirusReporting Server
Apr 23, 2026
Jun 5, 2007
N/A· v4
N/A· v3
7.5 HIGH· v2
Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, does not initialize a critica...Show more
Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, does not initialize a critical variable, which allows attackers to create arbitrary executable files via unknown manipulations of a file that is created during data export.Show less
CVE-2007-2279
1Symantec
1Veritas Storage Foundation
Apr 23, 2026
Jun 4, 2007
N/A· v4
N/A· v3
9.3 HIGH· v2
The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create...Show more
The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under Veritas\VxSvc\CurrentVersion\Schedules specifying future command execution.Show less
CVE-2007-1593
1Symantec
1Veritas Volume Replicator
Apr 23, 2026
Jun 4, 2007
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The administrative service in Symantec Veritas Volume Replicator (VVR) for Windows 3.1 through 4.3, and VVR for Unix 3.5 through 5.0, in Symantec Storage Foundation products allows remote attackers to cause a denial of s...Show more
The administrative service in Symantec Veritas Volume Replicator (VVR) for Windows 3.1 through 4.3, and VVR for Unix 3.5 through 5.0, in Symantec Storage Foundation products allows remote attackers to cause a denial of service (memory consumption and service crash) via a crafted packet to the service port (8199/tcp) that triggers a request for more memory than available, which causes the service to write to an invalid pointer.Show less
CVE-2007-2896
1Symantec
1Enterprise Security Manager
Apr 23, 2026
May 30, 2007
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 managers and agents on Windows before 20070524 allows remote attackers to cause a denial of service (CPU consumption and application hang) via certai...Show more
Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 managers and agents on Windows before 20070524 allows remote attackers to cause a denial of service (CPU consumption and application hang) via certain network scans to ESM ports.Show less
CVE-2007-1173
3Centennial
NumaraSymantec
3Asset Manager
DiscoveryDiscovery
Apr 23, 2026
May 16, 2007
N/A· v4
N/A· v3
10.0 HIGH· v2
Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attac...Show more
Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet.Show less
CVE-2007-1689
1Symantec
2Norton Internet Security
Norton Personal Firewall
Apr 23, 2026
May 16, 2007
N/A· v4
N/A· v3
10.0 HIGH· v2
Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (...Show more
Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions.Show less
CVE-2007-2619
1Symantec
1Pcanywhere
Apr 23, 2026
May 11, 2007
N/A· v4
N/A· v3
4.6 MEDIUM· v2
Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login credentials for the most recent login within process memory, which allows local administrators to obtain the credentials by reading process memory, a differ...Show more
Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login credentials for the most recent login within process memory, which allows local administrators to obtain the credentials by reading process memory, a different vulnerability than CVE-2006-3785.Show less