CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2402 – Stack Overflow in ESET Endpoint Encryption and ESET Full Disk Encryption for Windows
https://notcve.org/view.php?id=CVE-2022-2402
06 Sep 2022 — The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD. Una vulnerabilidad en el controlador dlpfde.sys permite a un usuario que haya iniciado sesión en el sistema llevar a cabo llamadas al sistema, conllevando a un desbordamiento de la pila del kernel, resultando en un bloqueo del sistema, por ejemplo, un BSOD. • https://support.eset.com/en/ca8298-vulnerability-fixed-in-eset-endpoint-encryption-and-eset-full-disk-encryption-for-windows • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2016-6590
https://notcve.org/view.php?id=CVE-2016-6590
08 Jan 2020 — A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code. Existe una vulnerabilidad de escalada de privilegios cuando se cargan bibliotecas DLL durante el arranque y el rein... • http://www.securityfocus.com/bid/94279 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9703
https://notcve.org/view.php?id=CVE-2019-9703
01 Jul 2019 — Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. Symantec Endpoint Encryption, anterior a versión SEE 11.3.0, puede ser susceptible a una vulnerabilidad de escalada de privilegios, que es un tipo de problema que permite que un usuario obtenga accesos elevados a recursos que, normalmente, suelen estar protegidos en n... • http://www.securityfocus.com/bid/108796 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9702
https://notcve.org/view.php?id=CVE-2019-9702
01 Jul 2019 — Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. Symantec Endpoint Encryption anterior a versión SEE 11.3.0, puede ser susceptible a una vulnerabilidad de escalada de privilegios, que es un tipo de problema que permite que un usuario obtenga accesos elevados a recursos que normalmente suelen estar protegidos en nive... • http://www.securityfocus.com/bid/108795 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2019-9694
https://notcve.org/view.php?id=CVE-2019-9694
10 Apr 2019 — Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. Symantec Endpoint Encryption anterior a versión SEE 11.2.1 MP1, puede ser susceptible a una vulnerabilidad de Escalada de Privilegios, que es un tipo de problema por del cual un atacante puede intentar comprom... • https://support.symantec.com/en_US/article.SYMSA1478.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15525
https://notcve.org/view.php?id=CVE-2017-15525
13 Nov 2017 — Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network. Symantec Endpoint Encryption, en versiones anteriores a SEE v11.1.3MP1, puede ser susceptible a un ataque de denegación de servicio (DoS), que es un tipo de ataque en el qu... • http://www.securityfocus.com/bid/101697 •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15526
https://notcve.org/view.php?id=CVE-2017-15526
13 Nov 2017 — Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scenario. Symantec Endpoint Encryption, en versiones anteriores a SEE v11.1.3MP1, puede ser susceptible a un problema de desreferencia de puntero null, que puede resultar en una NullPointerException que conduzca a un escenario de escalado de privilegios. • http://www.securityfocus.com/bid/101698 • CWE-476: NULL Pointer Dereference •
CVSS: 5.7EPSS: 0%CPEs: 4EXPL: 0CVE-2017-13683
https://notcve.org/view.php?id=CVE-2017-13683
23 Oct 2017 — In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. In object-oriented programming, a memory leak may happen when an object is stored in memory but cannot be accessed by the running code. En Symantec Endpoint Encryption en versiones anteriores a SEE 11.1.3HF3, una fuga de memoria de kernel es un tipo de fuga de re... • http://www.securityfocus.com/bid/101498 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 4.2EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13675
https://notcve.org/view.php?id=CVE-2017-13675
10 Oct 2017 — A denial of service (DoS) attack in Symantec Endpoint Encryption before SEE 11.1.3HF2 allows remote attackers to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network. Un ataque de denegación de servicio (DoS) en Symantec Endpoint Encryption en versiones anteriores a SEE 11.1.3HF2 permite a atacantes remotos que hagan que una máquina o un recurso de red en particular deje de estar disponible para... • http://www.securityfocus.com/bid/101089 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-8156
https://notcve.org/view.php?id=CVE-2015-8156
14 May 2016 — Unquoted Windows search path vulnerability in EEDService in Symantec Endpoint Encryption (SEE) 11.x before 11.1.1 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe. Vulnerabilidad de ruta de búsqueda sin entrecomillar en Windows en EEDService en Symantec Endpoint Encryption (SEE) 11.x en versiones anteriores a 11.1.1 permite a usuarios locales obtener privilegios a través de un archivo ejecutable Troyano en el directorio %... • http://www.securityfocus.com/bid/90050 •