Vulnerabilities > Symantec
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-20 | CVE-2017-15532 | Path Traversal vulnerability in Symantec Messaging Gateway Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). | 5.7 |
| 2017-12-13 | CVE-2017-15530 | Information Exposure vulnerability in Symantec Norton Family Prior to 4.4.1.10, the Norton Family Android App can be susceptible to an Information Disclosure issue. | 3.3 |
| 2017-12-13 | CVE-2017-15529 | Resource Exhaustion vulnerability in Symantec Norton Family Prior to 4.4.1.10, the Norton Family Android App can be susceptible to a Denial of Service (DoS) exploit. | 6.2 |
| 2017-11-20 | CVE-2017-15527 | Path Traversal vulnerability in Symantec Management Console Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to parent directory" are passed through to the file APIs. | 6.8 |
| 2017-11-13 | CVE-2017-15526 | NULL Pointer Dereference vulnerability in Symantec Endpoint Encryption Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scenario. | 6.8 |
| 2017-11-13 | CVE-2017-15525 | Unspecified vulnerability in Symantec Endpoint Encryption Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network. low complexity symantec | 4.5 |
| 2017-11-06 | CVE-2017-6331 | Unspecified vulnerability in Symantec Endpoint Protection Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients. | 7.1 |
| 2017-11-06 | CVE-2017-13681 | Unspecified vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. | 7.8 |
| 2017-11-06 | CVE-2017-13680 | Unspecified vulnerability in Symantec Endpoint Protection 14 Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system. | 5.5 |
| 2017-10-23 | CVE-2017-13683 | Missing Release of Resource after Effective Lifetime vulnerability in Symantec Endpoint Encryption In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. | 5.7 |