Vulnerabilities > Symantec > High

DATE CVE VULNERABILITY TITLE RISK
2019-11-15 CVE-2019-12759 Unspecified vulnerability in Symantec Endpoint Protection Manager and Mail Security
Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
local
low complexity
symantec
7.8
2019-11-15 CVE-2019-12757 Unspecified vulnerability in Symantec Endpoint Protection
Symantec Endpoint Protection (SEP), prior to 14.2 RU2 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 12.1 RU6 MP10d (12.1.7510.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
local
low complexity
symantec
7.8
2019-11-15 CVE-2018-18368 Improper Privilege Management vulnerability in Symantec Endpoint Protection Manager
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
local
low complexity
symantec CWE-269
7.8
2019-07-31 CVE-2019-12750 Out-of-bounds Read vulnerability in Symantec Endpoint Protection
Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
local
low complexity
symantec CWE-125
7.8
2019-07-01 CVE-2019-9703 Unspecified vulnerability in Symantec Endpoint Encryption
Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
local
low complexity
symantec
7.8
2019-07-01 CVE-2019-9702 Unspecified vulnerability in Symantec Endpoint Encryption
Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
local
low complexity
symantec
7.8
2019-04-25 CVE-2018-18367 Untrusted Search Path vulnerability in Symantec Endpoint Protection Manager
Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.
local
low complexity
symantec CWE-426
7.8
2019-04-25 CVE-2018-18369 Untrusted Search Path vulnerability in Symantec products
Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.
local
low complexity
symantec CWE-426
7.8
2019-04-10 CVE-2019-9694 Unspecified vulnerability in Symantec Endpoint Encryption
Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
local
low complexity
symantec
7.8
2019-04-09 CVE-2018-18365 Unspecified vulnerability in Symantec Norton Password Manager
Norton Password Manager may be susceptible to an address spoofing issue.
network
low complexity
symantec
7.5