CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-9363
https://notcve.org/view.php?id=CVE-2020-9363
24 Feb 2020 — The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction. El motor de análisis Sophos AV versiones anteriores a 14-01-2020 permite una omisión de la detección de virus por medio de un archivo ZIP diseñado. Es... • https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html • CWE-436: Interpretation Conflict •
CVSS: 6.5EPSS: 0%CPEs: 53EXPL: 0CVE-2018-18366
https://notcve.org/view.php?id=CVE-2018-18366
25 Apr 2019 — Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory. Symantec Norton Security, versiones anteriores a 22.16.3, SEP (cliente Windows) versiones anteriores e incluyendo... • http://www.securityfocus.com/bid/107994 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-18369
https://notcve.org/view.php?id=CVE-2018-18369
25 Apr 2019 — Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Norton Security (cliente de Windows) anterior a la versión 22.16.3 y SEP SBE (cliente de Windows) anterior a las versiones Cloud Agent 3.00.31.2817, NIS-22.... • http://www.securityfocus.com/bid/107997 • CWE-426: Untrusted Search Path •