Vulnerabilities > Symantec > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-29 | CVE-2019-9695 | Unspecified vulnerability in Symantec Norton Core Firmware Norton Core prior to v278 may be susceptible to an arbitrary code execution issue, which is a type of vulnerability that has the potential of allowing an individual to execute arbitrary commands or code on a target machine or in a target process. low complexity symantec | 6.8 |
| 2019-01-24 | CVE-2018-18363 | Unspecified vulnerability in Symantec Norton APP Lock Norton App Lock prior to 1.4.0.445 can be susceptible to a bypass exploit. low complexity symantec | 6.2 |
| 2018-12-06 | CVE-2018-18362 | Cross-site Scripting vulnerability in Symantec Norton Password Manager Norton Password Manager for Android (formerly Norton Identity Safe) may be susceptible to a cross site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. | 6.1 |
| 2018-11-29 | CVE-2018-12239 | Unspecified vulnerability in Symantec Endpoint Protection and Endpoint Protection Cloud Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. low complexity symantec | 6.8 |
| 2018-11-27 | CVE-2018-12241 | Cross-site Scripting vulnerability in Symantec Security Analytics The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. | 6.1 |
| 2018-10-22 | CVE-2018-12246 | Cross-site Scripting vulnerability in Symantec web Isolation 1.11 Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. | 6.1 |
| 2018-08-29 | CVE-2018-12240 | Use of Hard-coded Credentials vulnerability in Symantec Norton Password Manager The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials. | 5.9 |
| 2018-08-22 | CVE-2018-5235 | Uncontrolled Search Path Element vulnerability in Symantec Norton Utilities Norton Utilities (prior to 16.0.3.44) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. | 6.0 |
| 2018-07-16 | CVE-2018-5239 | Unspecified vulnerability in Symantec Norton APP Lock Norton App Lock prior to v1.3.0.332 can be susceptible to a bypass exploit. low complexity symantec | 6.2 |
| 2018-06-20 | CVE-2018-5236 | Race Condition vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). | 5.3 |