cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-5826,https://securityvulnerability.io/vulnerability/CVE-2020-5826,Out of Bounds Vulnerability in Symantec Endpoint Protection Products,Symantec Endpoint Protection and its Small Business Edition may encounter an out of bounds vulnerability that allows the application to read memory outside its allocated bounds. This could lead to potentially exploitable situations where sensitive information could be accessed by unauthorized entities. It is crucial for users of these products to ensure they are running the latest versions to mitigate such risks.,Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-02-11T17:09:08.000Z,0
CVE-2020-5825,https://securityvulnerability.io/vulnerability/CVE-2020-5825,Arbitrary File Write Vulnerability in Symantec Endpoint Protection Products,"Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition are impacted by an arbitrary file write vulnerability. This issue allows an attacker to overwrite files on the affected systems without the necessary permissions, potentially leading to unauthorized modifications and security breaches. It is crucial for users to update to the latest versions to mitigate this risk. More information can be found on Symantec's support page.",Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),5.5,MEDIUM,0.004029999952763319,false,,false,false,false,,,false,false,,2020-02-11T17:07:31.000Z,0
CVE-2020-5824,https://securityvulnerability.io/vulnerability/CVE-2020-5824,Denial of Service Vulnerability in Symantec Endpoint Protection Products,"Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition versions prior to 14.2 RU2 MP1 and 14.2.5569.2100, respectively, may allow attackers to exploit a denial of service vulnerability. This vulnerability can disrupt the normal operation of these applications by exhausting their resources, resulting in service unavailability and affecting user accessibility.",Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),5.5,MEDIUM,0.003280000062659383,false,,false,false,false,,,false,false,,2020-02-11T17:07:04.000Z,0
CVE-2020-5823,https://securityvulnerability.io/vulnerability/CVE-2020-5823,Privilege Escalation Vulnerability in Symantec Endpoint Protection Products,"Certain versions of Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) may allow attackers to exploit a privilege escalation vulnerability. This flaw could enable unauthorized access to protected resources, compromising the application's integrity and security posture. Users are encouraged to update their software to the latest versions to mitigate potential security risks.",Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),7.8,HIGH,0.0016400000313296914,false,,false,false,false,,,false,false,,2020-02-11T17:04:40.000Z,0
CVE-2020-5822,https://securityvulnerability.io/vulnerability/CVE-2020-5822,Privilege Escalation Vulnerability in Symantec Endpoint Protection,"Symantec Endpoint Protection and its Small Business Edition are affected by a privilege escalation vulnerability, allowing attackers with low-level access to potentially escalate their privileges and gain unauthorized access to critical system resources. This vulnerability arises from insufficient protection mechanisms within the applications, which can be exploited if the software is not updated to the latest versions.",Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),7.8,HIGH,0.0016400000313296914,false,,false,false,false,,,false,false,,2020-02-11T17:04:33.000Z,0
CVE-2020-5821,https://securityvulnerability.io/vulnerability/CVE-2020-5821,DLL Injection Vulnerability in Symantec Endpoint Protection Products,"Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition are vulnerable to a DLL injection attack, which allows an attacker to execute unauthorized code within the context of the application. This can compromise system integrity by replacing legitimate processes with malicious code, leading to potential data breaches and unauthorized access to sensitive information. Users are advised to update their software to the latest versions to mitigate this risk.",Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-02-11T17:02:07.000Z,0
CVE-2020-5820,https://securityvulnerability.io/vulnerability/CVE-2020-5820,Privilege Escalation Issue in Symantec Endpoint Protection Software,"The vulnerability found in Symantec Endpoint Protection and its Small Business Edition allows attackers to exploit the software, potentially gaining elevated privileges that would enable access to restricted resources. This could lead to unauthorized actions being performed on the system, posing significant security risks to affected environments. Users are encouraged to update their software to mitigate the risks associated with this vulnerability.",Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),7.8,HIGH,0.0016400000313296914,false,,false,false,false,,,false,false,,2020-02-11T17:01:32.000Z,0
CVE-2016-5311,https://securityvulnerability.io/vulnerability/CVE-2016-5311,Privilege Escalation Vulnerability in Symantec Norton Products,"A privilege escalation vulnerability has been identified in a range of Symantec Norton products, stemming from improper DLL preloading that lacks appropriate path restrictions. This security flaw could enable a local malicious user to gain unauthorized system privileges, potentially allowing them to execute arbitrary code with elevated rights, thereby compromising the affected system's integrity and security.",Symantec,"Norton Antivirus, Norton Antivirus With Backup, Norton Security, Norton Security With Backup, Norton Internet Security, Norton 360,Endpoint Protection Small Business Edition Cloud, And Endpoint Protection Cloud Client",7.8,HIGH,0.0022799998987466097,false,,false,false,false,,,false,false,,2020-01-09T19:30:52.000Z,0
CVE-2019-12757,https://securityvulnerability.io/vulnerability/CVE-2019-12757,Privilege Escalation Vulnerability in Symantec Endpoint Protection and Small Business Edition,"Symantec Endpoint Protection (SEP) and its Small Business Edition are affected by a privilege escalation vulnerability. This issue allows attackers to potentially gain elevated access to restricted resources, posing a significant risk to system integrity. Attackers exploiting this vulnerability could compromise the application, leading to unauthorized access and manipulation of sensitive data. It is crucial for users of affected SEP versions to apply the latest security patches and updates to safeguard their systems from exploitation.",Symantec,"Symantec Endpoint Protection (sep), Symantec Endpoint Protection Small Business Edition (sep Sbe)",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2019-11-15T17:37:31.000Z,0
CVE-2019-12750,https://securityvulnerability.io/vulnerability/CVE-2019-12750,Privilege Escalation in Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition,"Symantec Endpoint Protection and its Small Business Edition versions are vulnerable to a privilege escalation issue. This vulnerability allows attackers to exploit the software to gain elevated access to restricted resources, which are typically secured against unauthorized application or user access. Proper system configurations and updates are crucial to mitigate this risk and protect sensitive information.",Symantec,"Symantec Endpoint Protection, Symantec Endpoint Protection Small Business Edition",7.8,HIGH,0.0006099999882280827,false,,false,false,true,2019-12-21T00:44:25.000Z,true,false,false,,2019-07-31T17:42:08.000Z,0
CVE-2018-18369,https://securityvulnerability.io/vulnerability/CVE-2018-18369,DLL Preloading Vulnerability in Norton Security for Windows by Symantec,"Norton Security for Windows and SEP SBE are vulnerable to a DLL Preloading issue, where an application may inadvertently execute a malicious DLL provided by an attacker, potentially leading to unauthorized actions within the affected software. This vulnerability affects multiple versions and poses a risk to users who may be unaware of the exploit.",Symantec Corporation,"Norton Security,Symantec Endpoint Protection Small Business Edition",7.8,HIGH,0.0008399999933317304,false,,false,false,false,,,false,false,,2019-04-25T16:55:04.000Z,0
CVE-2018-12239,https://securityvulnerability.io/vulnerability/CVE-2018-12239,,"Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected.",Symantec Corporation,Norton; Symantec Endpoint Protection (sep); Symantec Endpoint Protection Small Business Edition (sep Sbe); Symantec Endpoint Protection Cloud (sep Cloud),6.8,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2018-11-29T14:00:00.000Z,0
CVE-2018-12238,https://securityvulnerability.io/vulnerability/CVE-2018-12238,,"Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected.",Symantec Corporation,Norton; Symantec Endpoint Protection (sep); Symantec Endpoint Protection Small Business Edition (sep Sbe); Symantec Endpoint Protection Cloud (sep Cloud),7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2018-11-29T14:00:00.000Z,0
CVE-2016-5309,https://securityvulnerability.io/vulnerability/CVE-2016-5309,,"The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression.",Symantec,"Protection Engine,Protection For Sharepoint Servers,Mail Security For Microsoft Exchange,Messaging Gateway,Mail Security For Domino,Endpoint Protection,Endpoint Protection For Small Business,Web Security.cloud,Messaging Gateway For Service Providers,Advanced Threat Protection,Email Security.cloud,Endpoint Protection Cloud,CSAPi,Web Gateway,Symantec Data Center Security Server",5.5,MEDIUM,0.0030300000216811895,false,,false,false,false,,,false,false,,2017-04-14T18:00:00.000Z,0
CVE-2016-5310,https://securityvulnerability.io/vulnerability/CVE-2016-5310,,"The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression.",Symantec,"Protection Engine,Protection For Sharepoint Servers,Mail Security For Microsoft Exchange,Messaging Gateway,Mail Security For Domino,Endpoint Protection,Endpoint Protection For Small Business,Web Security.cloud,Messaging Gateway For Service Providers,Advanced Threat Protection,Email Security.cloud,Endpoint Protection Cloud,CSAPi,Web Gateway,Symantec Data Center Security Server",5.5,MEDIUM,0.0062500000931322575,false,,false,false,false,,,false,false,,2017-04-14T18:00:00.000Z,0