Vulnerabilities > Symantec > Endpoint Protection > 12.1.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-16 | CVE-2016-9094 | Improper Input Validation vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. | 6.8 |
| 2018-04-16 | CVE-2016-9093 | Improper Input Validation vulnerability in Symantec Endpoint Protection A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. | 6.9 |
| 2015-09-20 | CVE-2014-9229 | SQL Injection vulnerability in Symantec Endpoint Protection Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role. | 6.5 |
| 2015-09-20 | CVE-2014-9228 | Resource Management Errors vulnerability in Symantec Endpoint Protection sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlock condition. | 4.9 |
| 2015-09-20 | CVE-2014-9227 | DLL Loading Local Privilege Escalation vulnerability in Symantec Endpoint Protection Manager and Client Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory. local symantec | 4.4 |