CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12751
https://notcve.org/view.php?id=CVE-2019-12751
11 Jul 2019 — Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. El producto Symantec Messaging Gateway, anteriores a la versión 10.7.1, puede ser susceptible a una vulnerabilidad de escalada de privilegios, que es un tipo de problema mediante el cual un atacante puede intentar com... • http://www.securityfocus.com/bid/108925 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9703
https://notcve.org/view.php?id=CVE-2019-9703
01 Jul 2019 — Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. Symantec Endpoint Encryption, anterior a versión SEE 11.3.0, puede ser susceptible a una vulnerabilidad de escalada de privilegios, que es un tipo de problema que permite que un usuario obtenga accesos elevados a recursos que, normalmente, suelen estar protegidos en n... • http://www.securityfocus.com/bid/108796 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9702
https://notcve.org/view.php?id=CVE-2019-9702
01 Jul 2019 — Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. Symantec Endpoint Encryption anterior a versión SEE 11.3.0, puede ser susceptible a una vulnerabilidad de escalada de privilegios, que es un tipo de problema que permite que un usuario obtenga accesos elevados a recursos que normalmente suelen estar protegidos en nive... • http://www.securityfocus.com/bid/108795 •
CVSS: 4.8EPSS: 1%CPEs: 15EXPL: 2CVE-2019-9701 – Symantec DLP 15.5 MP1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-9701
19 Jun 2019 — DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site scripting (XSS) vulnerability, a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. DLP versión 15.5 MP1 y todas las versiones anteriores puede ser susceptible a una vulnerabilidad de tipo cross site scripting (XSS), que es un tipo de problema que puede permitir a... • https://packetstorm.news/files/id/153512 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9698
https://notcve.org/view.php?id=CVE-2019-9698
08 May 2019 — Symantec AV Engine, prior to 13.0.9r17, may be susceptible to an arbitrary file deletion issue, which is a type of vulnerability that could allow an attacker to delete files on the resident system without elevated privileges. El motor AV de Symantec, versiones anteriores a 13.0.9r17, puede ser susceptible a un problema de eliminación arbitraria de archivos, que es un tipo de vulnerabilidad que podría permitir a un atacante eliminar archivos en el sistema residente sin privilegios elevados. • https://support.symantec.com/en_US/article.SYMSA1481.html •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2018-18367
https://notcve.org/view.php?id=CVE-2018-18367
25 Apr 2019 — Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Symantec Endpoint Protection Manager (SEPM), en versiones anteriores e incluyendo a 12.1 RU6 MP9 y anteriores a 14.2 RU1, puede ser susceptible a una vulnerabilidad de precarga de DLL, que es un tipo de pr... • http://www.securityfocus.com/bid/107996 • CWE-426: Untrusted Search Path •
CVSS: 6.5EPSS: 0%CPEs: 53EXPL: 0CVE-2018-18366
https://notcve.org/view.php?id=CVE-2018-18366
25 Apr 2019 — Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory. Symantec Norton Security, versiones anteriores a 22.16.3, SEP (cliente Windows) versiones anteriores e incluyendo... • http://www.securityfocus.com/bid/107994 • CWE-908: Use of Uninitialized Resource •
CVSS: 6.8EPSS: 0%CPEs: 48EXPL: 0CVE-2018-12244
https://notcve.org/view.php?id=CVE-2018-12244
25 Apr 2019 — SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files. SEP (cliente Mac) versiones anteriores a la 12.1 incluida, RU6 MP9 en versiones anteriores a 14.2 RU1 puede ser susceptible a una vulnerabilidad de inyección CSV/DDE (también conocida como formula injection), es un tipo de problema por el cual una ... • https://support.symantec.com/en_US/article.SYMSA1479.html • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-18369
https://notcve.org/view.php?id=CVE-2018-18369
25 Apr 2019 — Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Norton Security (cliente de Windows) anterior a la versión 22.16.3 y SEP SBE (cliente de Windows) anterior a las versiones Cloud Agent 3.00.31.2817, NIS-22.... • http://www.securityfocus.com/bid/107997 • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2019-9694
https://notcve.org/view.php?id=CVE-2019-9694
10 Apr 2019 — Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. Symantec Endpoint Encryption anterior a versión SEE 11.2.1 MP1, puede ser susceptible a una vulnerabilidad de Escalada de Privilegios, que es un tipo de problema por del cual un atacante puede intentar comprom... • https://support.symantec.com/en_US/article.SYMSA1478.html •