Latest CVE Feed
-
4.3
MEDIUMCVE-2016-3649
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated administrators to enumerate administrator accounts via modified GET requests.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.26
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
8.8
HIGHCVE-2016-3648
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to bypass the Authentication Lock protection mechanism, and conduct brute-force password-guessing attacks against management-console accounts, by entering da... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.61
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
7.7
HIGHCVE-2016-3647
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.24
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-3646
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SE... Read more
- EPSS Score: %25.98
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-3645
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 ... Read more
- EPSS Score: %75.55
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-3644
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SE... Read more
- EPSS Score: %29.02
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-2211
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SE... Read more
Affected Products : linux_kernel macos endpoint_protection norton_power_eraser norton_360 norton_antivirus norton_internet_security message_gateway advanced_threat_protection csapi +10 more products- EPSS Score: %20.02
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
9.0
HIGHCVE-2016-2210
Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5... Read more
Affected Products : linux_kernel macos endpoint_protection norton_power_eraser norton_360 norton_antivirus norton_internet_security message_gateway advanced_threat_protection csapi +10 more products- EPSS Score: %29.05
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
9.0
HIGHCVE-2016-2209
Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5;... Read more
Affected Products : linux_kernel macos endpoint_protection norton_power_eraser norton_360 norton_antivirus norton_internet_security message_gateway advanced_threat_protection csapi +10 more products- EPSS Score: %29.05
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-2207
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SE... Read more
Affected Products : linux_kernel macos endpoint_protection norton_power_eraser norton_360 norton_antivirus norton_internet_security message_gateway advanced_threat_protection csapi +10 more products- EPSS Score: %50.21
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
3.3
LOWCVE-2015-8801
Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.... Read more
Affected Products : endpoint_protection_manager- EPSS Score: %0.06
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2016-5360
HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impact via unknown vectors.... Read more
- EPSS Score: %46.08
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2016-5301
The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast.... Read more
- EPSS Score: %1.38
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
9.0
HIGHCVE-2016-5020
F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager +4 more products- EPSS Score: %1.76
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
8.8
HIGHCVE-2016-4971
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.... Read more
- EPSS Score: %75.93
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2016-4803
CRLF injection vulnerability in the send email functionality in dotCMS before 3.3.2 allows remote attackers to inject arbitrary email headers via CRLF sequences in the subject.... Read more
Affected Products : dotcms- EPSS Score: %0.40
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
8.1
HIGHCVE-2016-4472
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists becau... Read more
- EPSS Score: %2.44
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
7.6
HIGHCVE-2016-4309
Session fixation vulnerability in Symphony CMS 2.6.7, when session.use_only_cookies is disabled, allows remote attackers to hijack web sessions via the PHPSESSID parameter.... Read more
- EPSS Score: %21.88
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025
-
6.5
MEDIUMCVE-2016-3189
Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.... Read more
- EPSS Score: %13.71
- Published: Jun. 30, 2016
- Modified: Jun. 09, 2025
-
7.5
HIGHCVE-2015-8899
Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.... Read more
- EPSS Score: %0.08
- Published: Jun. 30, 2016
- Modified: Apr. 12, 2025