Vulnerabilities > Symantec > Low

DATE CVE VULNERABILITY TITLE RISK
2019-06-19 CVE-2019-9701 Cross-site Scripting vulnerability in Symantec Data Loss Prevention
DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site scripting (XSS) vulnerability, a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users.
network
symantec CWE-79
3.5
2019-05-08 CVE-2019-9698 Unspecified vulnerability in Symantec Antivirus Engine
Symantec AV Engine, prior to 13.0.9r17, may be susceptible to an arbitrary file deletion issue, which is a type of vulnerability that could allow an attacker to delete files on the resident system without elevated privileges.
local
low complexity
symantec
3.6
2019-04-25 CVE-2018-18366 Use of Uninitialized Resource vulnerability in Symantec products
Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory.
local
low complexity
symantec CWE-908
2.1
2018-06-20 CVE-2018-5236 Race Condition vulnerability in Symantec Endpoint Protection
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard).
network
symantec CWE-362
3.5
2018-02-19 CVE-2010-0109 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Symantec Altiris Deployment Solution
DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request.
low complexity
symantec CWE-119
3.3
2017-12-13 CVE-2017-15529 Resource Exhaustion vulnerability in Symantec Norton Family
Prior to 4.4.1.10, the Norton Family Android App can be susceptible to a Denial of Service (DoS) exploit.
local
low complexity
symantec CWE-400
2.1
2017-12-13 CVE-2017-15530 Information Exposure vulnerability in Symantec Norton Family
Prior to 4.4.1.10, the Norton Family Android App can be susceptible to an Information Disclosure issue.
local
low complexity
symantec CWE-200
2.1
2017-11-06 CVE-2017-13680 Unspecified vulnerability in Symantec Endpoint Protection 14
Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system.
local
low complexity
symantec microsoft
3.6
2017-10-23 CVE-2017-13682 Missing Release of Resource after Effective Lifetime vulnerability in Symantec Encryption Desktop 10.3.0/10.3.1/10.3.2
In Symantec Encryption Desktop before SED 10.4.1 MP2HF1, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released.
2.3
2017-10-23 CVE-2017-13683 Missing Release of Resource after Effective Lifetime vulnerability in Symantec Endpoint Encryption
In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released.
2.3