cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2018-18371,https://securityvulnerability.io/vulnerability/CVE-2018-18371,Information Disclosure in ASG/ProxySG FTP Proxy WebFTP Mode by Symantec,"The ASG/ProxySG FTP proxy WebFTP mode contains a vulnerability that can be exploited by malicious users to gain unauthorized access to plain-text authentication credentials. When users access FTP servers through a web browser via the ftp:// URL, the WebFTP mode unintentionally exposes sensitive information about these FTP sessions, allowing attackers to intercept credentials from the web listing of the FTP server.",Symantec Corporation,"Symantec Advanced Secure Gateway (asg),Symantec Proxysg",6.5,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2019-08-30T09:15:00.000Z,0
CVE-2018-18370,https://securityvulnerability.io/vulnerability/CVE-2018-18370,Stored Cross-Site Scripting in ASG/ProxySG FTP Proxy by Symantec,"The ASG/ProxySG FTP proxy's WebFTP mode introduces a stored cross-site scripting vulnerability. This flaw enables a remote attacker to inject malicious JavaScript code into the web listing of a remote FTP server accessed via a web browser. To exploit this vulnerability, the attacker must first upload specially crafted files to the affected FTP server. The impacted versions include ASG 6.6 and 6.7 prior to 6.7.4.2, and ProxySG 6.5 prior to 6.5.10.15, as well as 6.6 and 6.7 prior to 6.7.4.2. Proper security measures should be taken to mitigate risks associated with this flaw.",Symantec Corporation,"Symantec Advanced Secure Gateway (asg),Symantec Proxysg",6.1,MEDIUM,0.0011500000255182385,false,,false,false,false,,,false,false,,2019-08-30T09:15:00.000Z,0
CVE-2018-5241,https://securityvulnerability.io/vulnerability/CVE-2018-5241,,"Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass vulnerability. The products can be configured with a SAML authentication realm to authenticate network users in intercepted proxy traffic. When parsing SAML responses, ASG and ProxySG incorrectly handle XML nodes with comments. A remote attacker can modify a valid SAML response without invalidating its cryptographic signature. This may allow the attacker to bypass user authentication security controls in ASG and ProxySG. This vulnerability only affects authentication of network users in intercepted traffic. It does not affect administrator user authentication for the ASG and ProxySG management consoles.",Symantec Corporation,"Advanced Secure Gateway (asg),Proxysg",9.8,CRITICAL,0.004780000075697899,false,,false,false,false,,,false,false,,2018-05-29T13:29:00.000Z,0
CVE-2016-10258,https://securityvulnerability.io/vulnerability/CVE-2016-10258,,Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code.,Symantec Corporation,"Advanced Secure Gateway (asg),Proxysg",6.8,MEDIUM,0.011680000461637974,false,,false,false,false,,,false,false,,2018-04-11T14:29:00.000Z,0
CVE-2017-13678,https://securityvulnerability.io/vulnerability/CVE-2017-13678,,Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can inject arbitrary JavaScript code in the management console web client application.,Symantec Corporation,"Advanced Secure Gateway (asg),Proxysg",4.8,MEDIUM,0.000750000006519258,false,,false,false,false,,,false,false,,2018-04-11T14:29:00.000Z,0
CVE-2017-13677,https://securityvulnerability.io/vulnerability/CVE-2017-13677,,Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A remote attacker can use crafted HTTP/HTTPS requests to cause denial-of-service through management console application crashes.,Symantec Corporation,"Advanced Secure Gateway (asg),Proxysg",7.5,HIGH,0.004920000210404396,false,,false,false,false,,,false,false,,2018-04-11T14:29:00.000Z,0
CVE-2016-9097,https://securityvulnerability.io/vulnerability/CVE-2016-9097,,"The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges.",Symantec Corporation,Symantec Advanced Secure Gateway (asg) And Proxysg,7.2,HIGH,0.002139999996870756,false,,false,false,false,,,false,false,,2017-05-11T14:30:00.000Z,0
CVE-2016-5310,https://securityvulnerability.io/vulnerability/CVE-2016-5310,,"The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression.",Symantec,"Protection Engine,Protection For Sharepoint Servers,Mail Security For Microsoft Exchange,Messaging Gateway,Mail Security For Domino,Endpoint Protection,Endpoint Protection For Small Business,Web Security.cloud,Messaging Gateway For Service Providers,Advanced Threat Protection,Email Security.cloud,Endpoint Protection Cloud,CSAPi,Web Gateway,Symantec Data Center Security Server",5.5,MEDIUM,0.0062500000931322575,false,,false,false,false,,,false,false,,2017-04-14T18:00:00.000Z,0
CVE-2016-5309,https://securityvulnerability.io/vulnerability/CVE-2016-5309,,"The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression.",Symantec,"Protection Engine,Protection For Sharepoint Servers,Mail Security For Microsoft Exchange,Messaging Gateway,Mail Security For Domino,Endpoint Protection,Endpoint Protection For Small Business,Web Security.cloud,Messaging Gateway For Service Providers,Advanced Threat Protection,Email Security.cloud,Endpoint Protection Cloud,CSAPi,Web Gateway,Symantec Data Center Security Server",5.5,MEDIUM,0.0030300000216811895,false,,false,false,false,,,false,false,,2017-04-14T18:00:00.000Z,0
CVE-2009-3032,https://securityvulnerability.io/vulnerability/CVE-2009-3032,,"Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.",Symantec,"Data Loss Prevention Detection Servers,Mail Security,Im Manager 2007,Lotus Notes,Data Loss Prevention Endpoint Agents,Brightmail Gateway",,,0.003160000080242753,false,,false,false,false,,,false,false,,2010-03-05T19:00:00.000Z,0
CVE-2006-4562,https://securityvulnerability.io/vulnerability/CVE-2006-4562,,"The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker.  NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface",Symantec,Gateway Security,,,0.0017800000496208668,false,,false,false,false,,,false,false,,2006-09-06T00:00:00.000Z,0
CVE-2006-2341,https://securityvulnerability.io/vulnerability/CVE-2006-2341,,"The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.",Symantec,"Enterprise Firewall,Gateway Security",,,0.013770000077784061,false,,false,false,false,,,false,false,,2006-05-12T01:00:00.000Z,0
CVE-2005-0249,https://securityvulnerability.io/vulnerability/CVE-2005-0249,,Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.,Symantec,"Norton Internet Security,Client Security,Mail Security,Norton Antivirus,Sav Filter Domino Nt Ports,Web Security,Norton System Works,Brightmail Antispam,Gateway Security,Sav Filter For Domino Nt,Antivirus Scan Engine",,,0.01566999964416027,false,,false,false,false,,,false,false,,2005-02-08T05:00:00.000Z,0
CVE-2004-1474,https://securityvulnerability.io/vulnerability/CVE-2004-1474,,"Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.",Symantec,"Gateway Security 360,Firewall Vpn Appliance 200,Nexland Wavebase Firewall Appliance,Gateway Security 320,Nexland Pro400 Firewall Appliance,Gateway Security 360r,Nexland Pro800turbo Firewall Appliance,Nexland Pro800 Firewall Appliance,Nexland Pro100 Firewall Appliance,Firewall Vpn Appliance 200r,Nexland Isb Soho Firewall Appliance,Firewall Vpn Appliance 100",,,0.003949999809265137,false,,false,false,false,,,false,false,,2004-12-31T05:00:00.000Z,0
CVE-2004-1472,https://securityvulnerability.io/vulnerability/CVE-2004-1472,,"Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.",Symantec,"Firewall Vpn Appliance 200,Nexland Wavebase Firewall Appliance,Gateway Security,Nexland Pro400 Firewall Appliance,Nexland Pro800turbo Firewall Appliance,Nexland Pro800 Firewall Appliance,Nexland Pro100 Firewall Appliance,Firewall Vpn Appliance 200r,Nexland Isb Soho Firewall Appliance,Firewall Vpn Appliance 100",,,0.00279000005684793,false,,false,false,false,,,false,false,,2004-12-31T05:00:00.000Z,0
CVE-2004-1473,https://securityvulnerability.io/vulnerability/CVE-2004-1473,,"Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.",Symantec,"Gateway Security 360,Firewall Vpn Appliance 200,Nexland Wavebase Firewall Appliance,Gateway Security 320,Nexland Pro400 Firewall Appliance,Gateway Security 360r,Nexland Pro800turbo Firewall Appliance,Nexland Pro800 Firewall Appliance,Nexland Pro100 Firewall Appliance,Firewall Vpn Appliance 200r,Nexland Isb Soho Firewall Appliance,Firewall Vpn Appliance 100",,,0.004920000210404396,false,,false,false,false,,,false,false,,2004-12-31T05:00:00.000Z,0
CVE-2004-0192,https://securityvulnerability.io/vulnerability/CVE-2004-0192,,"Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page.",Symantec,Gateway Security 5400,,,0.0034099998883903027,false,,false,false,false,,,false,false,,2004-03-15T05:00:00.000Z,0