Vulnerabilities > Symantec
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-09 | CVE-2018-18365 | Unspecified vulnerability in Symantec Norton Password Manager Norton Password Manager may be susceptible to an address spoofing issue. | 5.0 |
| 2019-03-29 | CVE-2019-9695 | Code Injection vulnerability in Symantec Norton Core Firmware Norton Core prior to v278 may be susceptible to an arbitrary code execution issue, which is a type of vulnerability that has the potential of allowing an individual to execute arbitrary commands or code on a target machine or in a target process. | 7.2 |
| 2019-02-08 | CVE-2018-18364 | Untrusted Search Path vulnerability in Symantec Ghost Solution Suite Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. | 6.0 |
| 2019-01-24 | CVE-2018-12237 | OS Command Injection vulnerability in Symantec Reporter The Symantec Reporter CLI 10.1 prior to 10.1.5.6 and 10.2 prior to 10.2.1.8 is susceptible to an OS command injection vulnerability. | 9.0 |
| 2019-01-24 | CVE-2018-18363 | Unspecified vulnerability in Symantec Norton APP Lock Norton App Lock prior to 1.4.0.445 can be susceptible to a bypass exploit. | 7.2 |
| 2018-12-06 | CVE-2018-18362 | Cross-site Scripting vulnerability in Symantec Norton Password Manager Norton Password Manager for Android (formerly Norton Identity Safe) may be susceptible to a cross site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. | 4.3 |
| 2018-11-29 | CVE-2018-12245 | Untrusted Search Path vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. | 6.8 |
| 2018-11-29 | CVE-2018-12239 | Unspecified vulnerability in Symantec products Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. | 4.6 |
| 2018-11-29 | CVE-2018-12238 | Unspecified vulnerability in Symantec products Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. | 4.6 |
| 2018-11-27 | CVE-2018-12241 | Cross-site Scripting vulnerability in Symantec Security Analytics The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. | 4.3 |