cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2015-8157,https://securityvulnerability.io/vulnerability/CVE-2015-8157,,"SQL injection vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.",Broadcom,"Symantec Data Center Security Server,Symantec Critical System Protection,Symantec Embedded Security Critical System Protection,Symantec Data Center Security Server And Agents,Symantec Embedded Security Critical System Protection For Controllers And Devices",8.8,HIGH,0.0011399999493733048,false,,false,false,false,,,false,false,,2016-06-08T14:00:00.000Z,0
CVE-2015-8798,https://securityvulnerability.io/vulnerability/CVE-2015-8798,,"Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to execute arbitrary code via unspecified vectors.",Broadcom,"Symantec Data Center Security Server,Symantec Critical System Protection,Symantec Embedded Security Critical System Protection,Symantec Data Center Security Server And Agents,Symantec Embedded Security Critical System Protection For Controllers And Devices",8,HIGH,0.0029800001066178083,false,,false,false,false,,,false,false,,2016-06-08T14:00:00.000Z,0
CVE-2015-8799,https://securityvulnerability.io/vulnerability/CVE-2015-8799,,"Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to write update-package data to arbitrary agent locations via unspecified vectors.",Broadcom,"Symantec Data Center Security Server,Symantec Data Center Security Server And Agents,Symantec Embedded Security Critical System Protection For Controllers And Devices,Symantec Critical System Protection,Symantec Embedded Security Critical System Protection",7.6,HIGH,0.0014199999859556556,false,,false,false,false,,,false,false,,2016-06-08T14:00:00.000Z,0
CVE-2015-8800,https://securityvulnerability.io/vulnerability/CVE-2015-8800,,"Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allow remote authenticated users to conduct argument-injection attacks by leveraging certain named-pipe access.",Broadcom,"Symantec Critical System Protection,Symantec Data Center Security Server,Symantec Data Center Security Server And Agents,Symantec Embedded Security Critical System Protection,Symantec Embedded Security Critical System Protection For Controllers And Devices",7.3,HIGH,0.0010499999625608325,false,,false,false,false,,,false,false,,2016-06-08T14:00:00.000Z,0
CVE-2014-3440,https://securityvulnerability.io/vulnerability/CVE-2014-3440,,The Agent Control Interface in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x before 6.0 MP1 allows remote authenticated users to execute arbitrary commands by leveraging client-system access to upload a log file.,Broadcom,Symantec Critical System Protection,,,0.002240000059828162,false,,false,false,false,,,false,false,,2015-01-21T11:00:00.000Z,0
CVE-2014-9224,https://securityvulnerability.io/vulnerability/CVE-2014-9224,,Cross-site scripting (XSS) vulnerability in the ajaxswing webui in the Management Console server in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.,Broadcom,Symantec Critical System Protection,,,0.005679999943822622,false,,false,false,false,,,false,false,,2015-01-21T11:00:00.000Z,0
CVE-2014-9225,https://securityvulnerability.io/vulnerability/CVE-2014-9225,,The ajaxswing webui in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows remote authenticated users to obtain sensitive server information via unspecified vectors.,Broadcom,Symantec Critical System Protection,,,0.001550000044517219,false,,false,false,false,,,false,false,,2015-01-21T11:00:00.000Z,0
CVE-2014-9226,https://securityvulnerability.io/vulnerability/CVE-2014-9226,,The management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows local users to bypass intended Protection Policies via unspecified vectors.,Broadcom,Symantec Critical System Protection,,,0.0004299999854993075,false,,false,false,false,,,false,false,,2015-01-21T11:00:00.000Z,0
CVE-2014-7289,https://securityvulnerability.io/vulnerability/CVE-2014-7289,,SQL injection vulnerability in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x before 6.0 MP1 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTTP request.,Broadcom,Symantec Critical System Protection,,,0.003819999983534217,false,,false,false,false,,,false,false,,2015-01-21T11:00:00.000Z,0
CVE-2013-5016,https://securityvulnerability.io/vulnerability/CVE-2013-5016,,"Symantec Critical System Protection (SCSP) before 5.2.9, when installed on an unpatched Windows Server 2003 R2 platform, allows remote attackers to bypass policy settings via unspecified vectors.",Broadcom,Symantec Critical System Protection,,,0.00419999985024333,false,,false,false,false,,,false,false,,2014-05-08T10:00:00.000Z,0