Vulnerabilities > Symantec

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-14	CVE-2016-6592	Uncontrolled Search Path Element vulnerability in Symantec Norton Download Manager A vulnerability was found in Symantec Norton Download Manager versions prior to 5.6. local low complexity symantec CWE-427	4.6
2020-01-13	CVE-2019-19547	Cross-site Scripting vulnerability in multiple products Symantec Endpoint Detection and Response (SEDR), prior to 4.3.0, may be susceptible to a cross site scripting (XSS) issue. network low complexity symantec fedoraproject CWE-79	6.1
2020-01-09	CVE-2016-5311	Uncontrolled Search Path Element vulnerability in Symantec products A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges. local symantec CWE-427	6.9
2020-01-08	CVE-2016-6585	Improper Input Validation vulnerability in Symantec Norton Mobile Security A Denial of Service vulnerability exists in Symantec Norton Mobile Security for Android prior to 3.16, which could let a remote malicious user conduct a man-in-the-middle attack via specially crafted JavaScript. network symantec CWE-20	3.5
2020-01-08	CVE-2016-6587	Information Exposure vulnerability in Symantec Norton Mobile Security An Information Disclosure vulnerability exists in the mid.dat file stored on the SD card in Symantec Norton Mobile Security for Android before 3.16, which could let a local malicious user obtain sensitive information. local low complexity symantec CWE-200	2.1
2020-01-08	CVE-2016-6588	Cross-site Scripting vulnerability in Symantec IT Management Suite 8.0 A Cross-Site Scripting (XSS) vulnerability exists in the ITMS workflow process manager console in Symantec IT Management Suite 8.0. network symantec CWE-79	3.5
2020-01-08	CVE-2016-6586	Improper Input Validation vulnerability in Symantec Norton Mobile Security A security bypass vulnerability exists in Symantec Norton Mobile Security for Android before 3.16, which could let a malicious user conduct a man-in-the-middle via specially crafted JavaScript to add arbitrary URLs to the URL whitelist. network symantec CWE-20	4.3
2020-01-08	CVE-2016-6593	Untrusted Search Path vulnerability in Symantec VIP Access Desktop A code-execution vulnerability exists during startup in jhi.dll and otpiha.dll in Symantec VIP Access Desktop before 2.2.2, which could let local malicious users execute arbitrary code. local symantec CWE-426	4.4
2020-01-08	CVE-2016-6591	Incorrect Authorization vulnerability in Symantec Norton APP Lock 1.0.3.186 A security bypass vulnerability exists in Symantec Norton App Lock 1.0.3.186 and earlier if application pinning is enabled, which could let a local malicious user bypass security restrictions. local symantec CWE-863	3.3
2020-01-08	CVE-2016-6590	Improper Privilege Management vulnerability in Symantec products A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code. local symantec CWE-269	4.4

Vulnerabilities > Symantec {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Symantec"}]}

Vulnerabilities > Symantec