Vulnerabilities > Symantec > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-13 | CVE-2018-5242 | Unspecified vulnerability in Symantec Norton APP Lock Norton App Lock prior to version 1.3.0.329 can be susceptible to a bypass exploit. low complexity symantec | 6.2 |
2018-03-26 | CVE-2017-15534 | Improper Authentication vulnerability in Symantec Norton APP Lock The Norton App Lock prior to version 1.3.0.13 can be susceptible to an authentication bypass exploit. | 6.7 |
2018-02-19 | CVE-2011-3477 | Improper Input Validation vulnerability in Symantec products GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors. | 5.5 |
2018-02-19 | CVE-2010-0109 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Symantec Altiris Deployment Solution DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request. | 6.5 |
2017-12-20 | CVE-2017-15532 | Path Traversal vulnerability in Symantec Messaging Gateway Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). | 5.7 |
2017-12-13 | CVE-2017-15529 | Resource Exhaustion vulnerability in Symantec Norton Family Prior to 4.4.1.10, the Norton Family Android App can be susceptible to a Denial of Service (DoS) exploit. | 6.2 |
2017-11-20 | CVE-2017-15527 | Path Traversal vulnerability in Symantec Management Console Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to parent directory" are passed through to the file APIs. | 6.8 |
2017-11-13 | CVE-2017-15526 | NULL Pointer Dereference vulnerability in Symantec Endpoint Encryption Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scenario. | 6.8 |
2017-11-13 | CVE-2017-15525 | Unspecified vulnerability in Symantec Endpoint Encryption Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network. low complexity symantec | 4.5 |
2017-11-06 | CVE-2017-13680 | Unspecified vulnerability in Symantec Endpoint Protection 14 Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system. | 5.5 |