cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2012-4953,https://securityvulnerability.io/vulnerability/CVE-2012-4953,,"The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file.",Symantec,"Antivirus,Scan Engine,Endpoint Protection",,,0.01906999945640564,false,,false,false,false,,,false,false,,2012-11-14T11:00:00.000Z,0
CVE-2008-0309,https://securityvulnerability.io/vulnerability/CVE-2008-0309,,"Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).",Symantec,"Symantec Antivirus Filtering Domino Mpe,Symantec Mail Security For Microsoft Exchange,Symantec Antivirus Scan Engine For Ms Isa,Symantec Antivirus Scan Engine Clearswift,Symantec Antivirus Scan Engine,Scan Engine,Symantec Antivirus Scan Engine For Microsoft Sharepoint,Symantec Antivirus Scan Engine Messaging,Symantec Antivirus Scan Engine Caching,Symantec Antivirus Network Attached Storage",,,0.09509000182151794,false,,false,false,false,,,false,false,,2008-02-28T20:00:00.000Z,0
CVE-2008-0308,https://securityvulnerability.io/vulnerability/CVE-2008-0308,,"Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).",Symantec,"Symantec Antivirus Filtering Domino Mpe,Symantec Antivirus Ms Isa,Symantec Antivirus Scan Engine,Symantec Antivirus Messaging,Scan Engine,Symantec Antivirus Microsoft Sharepoint,Symantec Mail Security Exchange,Symantec Antivirus Clearswift,Symantec Antivirus Scan Engine Caching,Symantec Antivirus Network Attached Storage",,,0.014990000054240227,false,,false,false,false,,,false,false,,2008-02-28T20:00:00.000Z,0
CVE-2007-0447,https://securityvulnerability.io/vulnerability/CVE-2007-0447,,Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.,Symantec,"Mail Security,Client Security,Norton Antivirus,Norton Internet Security,Antivirus Scan Engine,Web Security,Brightmail Antispam,Norton System Works,Symantec Antivirus Filtering \+for Domino,Norton Personal Firewall",,,0.1824599951505661,false,,false,false,false,,,false,false,,2007-10-05T21:00:00.000Z,0
CVE-2007-3699,https://securityvulnerability.io/vulnerability/CVE-2007-3699,,The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.,Symantec,"Mail Security,Client Security,Norton Antivirus,Norton Internet Security,Antivirus Scan Engine,Web Security,Brightmail Antispam,Norton System Works,Symantec Antivirus Filtering \+for Domino,Norton Personal Firewall",,,0.0521400012075901,false,,false,false,false,,,false,false,,2007-10-05T21:00:00.000Z,0
CVE-2006-0231,https://securityvulnerability.io/vulnerability/CVE-2006-0231,,"Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications.",Symantec,Antivirus Scan Engine,,,0.39902999997138977,false,,false,false,false,,,false,false,,2006-04-25T01:00:00.000Z,0
CVE-2006-0230,https://securityvulnerability.io/vulnerability/CVE-2006-0230,,"Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.",Symantec,Antivirus Scan Engine,,,0.16380999982357025,false,,false,false,false,,,false,false,,2006-04-25T01:00:00.000Z,0
CVE-2006-0232,https://securityvulnerability.io/vulnerability/CVE-2006-0232,,"Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests.",Symantec,Antivirus Scan Engine,,,0.05916000157594681,false,,false,false,false,,,false,false,,2006-04-25T01:00:00.000Z,0
CVE-2005-3217,https://securityvulnerability.io/vulnerability/CVE-2005-3217,,"Multiple interpretation error in unspecified versions of Symantec Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.",Symantec,Antivirus Scan Engine,,,0.0016899999463930726,false,,false,false,false,,,false,false,,2005-10-14T04:00:00.000Z,0
CVE-2005-2758,https://securityvulnerability.io/vulnerability/CVE-2005-2758,,"Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.",Symantec,"Antivirus Scan Engine,Antivirus Scan Engine For Network Attached Storage",,,0.07836999744176865,false,,false,false,false,,,false,false,,2005-10-05T04:00:00.000Z,0
CVE-2005-1346,https://securityvulnerability.io/vulnerability/CVE-2005-1346,,"Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file.",Symantec,"Norton Internet Security,Symav Filter Domino Nt,Mail Security,Antivirus Scan Engine,Web Security,Norton Antivirus,Norton System Works",,,0.002689999993890524,false,,false,false,false,,,false,false,,2005-05-02T04:00:00.000Z,0
CVE-2005-0249,https://securityvulnerability.io/vulnerability/CVE-2005-0249,,Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.,Symantec,"Norton Internet Security,Client Security,Mail Security,Norton Antivirus,Sav Filter Domino Nt Ports,Web Security,Norton System Works,Brightmail Antispam,Gateway Security,Sav Filter For Domino Nt,Antivirus Scan Engine",,,0.01566999964416027,false,,false,false,false,,,false,false,,2005-02-08T05:00:00.000Z,0
CVE-2004-0217,https://securityvulnerability.io/vulnerability/CVE-2004-0217,,The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.,Symantec,Antivirus Scan Engine,7,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2004-04-15T04:00:00.000Z,0