Vulnerabilities > Symantec > Endpoint Protection > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-11 | CVE-2020-5824 | Unspecified vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable. | 2.1 |
| 2020-02-11 | CVE-2020-5825 | Improper Privilege Management vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges. | 3.6 |
| 2020-02-11 | CVE-2020-5826 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program. | 2.1 |
| 2019-11-15 | CVE-2019-12756 | Unspecified vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights. | 2.1 |
| 2019-04-25 | CVE-2018-18366 | Use of Uninitialized Resource vulnerability in Symantec products Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory. | 2.1 |
| 2018-06-20 | CVE-2018-5236 | Race Condition vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). | 3.5 |
| 2017-11-06 | CVE-2017-13680 | Unspecified vulnerability in Symantec Endpoint Protection 14 Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system. | 3.6 |
| 2010-02-19 | CVE-2010-0106 | Unspecified vulnerability in Symantec Antivirus, Client Security and Endpoint Protection The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent the user from having read access to unspecified resources. local symantec | 1.9 |