Latest CVE Feed
-
4.3
MEDIUMCVE-2016-5307
Directory traversal vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to read arbitrary files in the web-root directory tree via unspecified vectors.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.10
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
5.3
MEDIUMCVE-2016-5306
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for unintended HTTP traffic on po... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.34
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
5.4
MEDIUMCVE-2016-5305
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via a "DOM link manipulation" attack.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.46
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
6.8
MEDIUMCVE-2016-5304
Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %7.15
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
8.0
HIGHCVE-2016-3653
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.16
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
5.4
MEDIUMCVE-2016-3652
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.91
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
8.0
HIGHCVE-2016-3651
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %1.49
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
8.8
HIGHCVE-2016-3650
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover credentials via a brute-force attack.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.47
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
4.3
MEDIUMCVE-2016-3649
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated administrators to enumerate administrator accounts via modified GET requests.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.26
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
8.8
HIGHCVE-2016-3648
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to bypass the Authentication Lock protection mechanism, and conduct brute-force password-guessing attacks against management-console accounts, by entering da... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.61
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
7.7
HIGHCVE-2016-3647
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.24
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-3646
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SE... Read more
- EPSS Score: %25.98
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-3645
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 ... Read more
- EPSS Score: %75.55
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-3644
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SE... Read more
- EPSS Score: %29.02
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-2211
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SE... Read more
Affected Products : linux_kernel macos endpoint_protection norton_power_eraser norton_360 norton_antivirus norton_internet_security message_gateway advanced_threat_protection csapi +10 more products- EPSS Score: %20.02
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
9.0
HIGHCVE-2016-2210
Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5... Read more
Affected Products : linux_kernel macos endpoint_protection norton_power_eraser norton_360 norton_antivirus norton_internet_security message_gateway advanced_threat_protection csapi +10 more products- EPSS Score: %29.05
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
9.0
HIGHCVE-2016-2209
Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5;... Read more
Affected Products : linux_kernel macos endpoint_protection norton_power_eraser norton_360 norton_antivirus norton_internet_security message_gateway advanced_threat_protection csapi +10 more products- EPSS Score: %29.05
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-2207
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SE... Read more
Affected Products : linux_kernel macos endpoint_protection norton_power_eraser norton_360 norton_antivirus norton_internet_security message_gateway advanced_threat_protection csapi +10 more products- EPSS Score: %50.21
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2015-8801
Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.06
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2016-5360
HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impact via unknown vectors.... Read more
- EPSS Score: %46.08
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025