CVSS: 2.3EPSS: 0%CPEs: 50EXPL: 0CVE-2019-12756
https://notcve.org/view.php?id=CVE-2019-12756
15 Nov 2019 — Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights. Symantec Endpoint Protection (SEP), versiones anteriores a la versión 14.2 RU2, puede ser susceptible a una vulnerabilidad de omisión de protección de contraseña por la cual la capa secundaria de protección de contraseña podría ser omitida para individuos con derechos de adm... • https://support.symantec.com/us/en/article.SYMSA1488.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18368
https://notcve.org/view.php?id=CVE-2018-18368
15 Nov 2019 — Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. Symantec Endpoint Protection Manager (SEPM), versiones anteriores a la versión 14.2 RU1, puede ser susceptible a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual... • https://github.com/DimopoulosElias/SEPM-EoP • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-12759 – Symantec Endpoint Protection Manager LuComServer stDisScriptEngine Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-12759
14 Nov 2019 — Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. Symantec Endpoint Protection Manager (SEPM) y Symantec Mail Security for MS Exchange (SMSMSE), versiones anteriore... • https://support.symantec.com/us/en/article.SYMSA1488.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-18372 – Symantec Endpoint Protection Manager OpenSSL Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-18372
14 Nov 2019 — Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. Symantec Endpoint Protection, versiones anteriores a la versión 14.2 RU2, puede ser susceptible a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intentar co... • https://support.symantec.com/us/en/article.SYMSA1488.html •
CVSS: 7.8EPSS: 0%CPEs: 63EXPL: 1CVE-2019-12750 – Symantec Endpoint Protection Information Disclosure / Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-12750
31 Jul 2019 — Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. Symantec Endpoint Protection, anterior de 14.2 RU1 y 12.1 RU6 MP10 y Symantec Endpoint Protection S... • https://github.com/v-p-b/cve-2019-12750 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2018-18367
https://notcve.org/view.php?id=CVE-2018-18367
25 Apr 2019 — Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Symantec Endpoint Protection Manager (SEPM), en versiones anteriores e incluyendo a 12.1 RU6 MP9 y anteriores a 14.2 RU1, puede ser susceptible a una vulnerabilidad de precarga de DLL, que es un tipo de pr... • http://www.securityfocus.com/bid/107996 • CWE-426: Untrusted Search Path •
CVSS: 6.5EPSS: 0%CPEs: 53EXPL: 0CVE-2018-18366
https://notcve.org/view.php?id=CVE-2018-18366
25 Apr 2019 — Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory. Symantec Norton Security, versiones anteriores a 22.16.3, SEP (cliente Windows) versiones anteriores e incluyendo... • http://www.securityfocus.com/bid/107994 • CWE-908: Use of Uninitialized Resource •
CVSS: 6.8EPSS: 0%CPEs: 48EXPL: 0CVE-2018-12244
https://notcve.org/view.php?id=CVE-2018-12244
25 Apr 2019 — SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files. SEP (cliente Mac) versiones anteriores a la 12.1 incluida, RU6 MP9 en versiones anteriores a 14.2 RU1 puede ser susceptible a una vulnerabilidad de inyección CSV/DDE (también conocida como formula injection), es un tipo de problema por el cual una ... • https://support.symantec.com/en_US/article.SYMSA1479.html • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-18369
https://notcve.org/view.php?id=CVE-2018-18369
25 Apr 2019 — Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Norton Security (cliente de Windows) anterior a la versión 22.16.3 y SEP SBE (cliente de Windows) anterior a las versiones Cloud Agent 3.00.31.2817, NIS-22.... • http://www.securityfocus.com/bid/107997 • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-12238
https://notcve.org/view.php?id=CVE-2018-12238
29 Nov 2018 — Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a datab... • http://www.securityfocus.com/bid/105917 •