cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-5837,https://securityvulnerability.io/vulnerability/CVE-2020-5837,Elevation of Privilege Vulnerability in Symantec Endpoint Protection by Broadcom,"A vulnerability exists in Symantec Endpoint Protection, where improper handling of file permissions allows log files to be replaced using symbolic links. This flaw can enable attackers to potentially gain unauthorized access, leading to an escalation of privileges within the system.",Symantec,Symantec Endpoint Protection,7.8,HIGH,0.00044999999227002263,false,,false,false,true,2020-04-16T08:15:18.000Z,true,false,false,,2020-05-11T19:25:45.000Z,0
CVE-2020-5836,https://securityvulnerability.io/vulnerability/CVE-2020-5836,File Access Control Reset Vulnerability in Symantec Endpoint Protection,"A vulnerability exists in Symantec Endpoint Protection that could allow an attacker with limited user privileges to alter file Access Control Lists (ACLs). This issue is particularly concerning when the Tamper Protection feature is disabled, as it opens avenues for unauthorized modifications to file permissions, potentially leading to data exposure or manipulation.",Symantec,Symantec Endpoint Protection,7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-05-11T19:23:11.000Z,0
CVE-2020-5835,https://securityvulnerability.io/vulnerability/CVE-2020-5835,Race Condition Vulnerability in Symantec Endpoint Protection Manager,"A race condition exists in the client remote deployment feature of Symantec Endpoint Protection Manager, which allows unauthorized users to execute arbitrary code with elevated privileges on affected remote systems. This vulnerability may be exploited by an attacker to gain increased access rights, potentially compromising sensitive data and operations within the managed environment.",Symantec,Symantec Endpoint Protection Manager,7,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-05-11T19:22:58.000Z,0
CVE-2020-5834,https://securityvulnerability.io/vulnerability/CVE-2020-5834,Directory Traversal Vulnerability in Symantec Endpoint Protection Manager,"A directory traversal vulnerability exists in Symantec Endpoint Protection Manager, allowing remote actors to exploit this weakness. By manipulating directory paths, an attacker could potentially gain knowledge about file sizes within the directory structure, leading to unauthorized access to sensitive information. This issue specifically affects versions prior to 14.3, emphasizing the need for users to ensure their systems are up-to-date to mitigate risks associated with this exposure.",Symantec,Symantec Endpoint Protection Manager,5.3,MEDIUM,0.0007399999885819852,false,,false,false,false,,,false,false,,2020-05-11T19:19:56.000Z,0
CVE-2020-5833,https://securityvulnerability.io/vulnerability/CVE-2020-5833,Out of Bounds Vulnerability in Symantec Endpoint Protection Manager,"Symantec Endpoint Protection Manager, versions prior to 14.3, has a vulnerability that allows potentially malicious entities to read memory locations that are outside the allocated memory space of the application. This could lead to unauthorized access to sensitive information, posing a significant risk to security and privacy.",Symantec,Symantec Endpoint Protection Manager,3.3,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-05-11T19:19:45.000Z,0
CVE-2020-5831,https://securityvulnerability.io/vulnerability/CVE-2020-5831,Out of Bounds Vulnerability in Symantec Endpoint Protection Manager,"The Symantec Endpoint Protection Manager (SEPM) versions before 14.2 RU2 MP1 are affected by an out of bounds vulnerability. This flaw allows the application to read memory outside the allocated boundaries, potentially exposing sensitive data or leading to unintended application behavior. Organizations using affected versions are advised to upgrade to mitigate the risks associated with this vulnerability.",Symantec,Symantec Endpoint Protection Manager (sepm),3.3,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-02-11T17:12:59.000Z,0
CVE-2020-5830,https://securityvulnerability.io/vulnerability/CVE-2020-5830,Out of Bounds Vulnerability in Symantec Endpoint Protection Manager,"The vulnerability in Symantec Endpoint Protection Manager (SEPM), present in versions prior to 14.2 RU2 MP1, allows the application to read memory locations that are outside the allocated bounds. This can potentially lead to security issues where attackers might exploit this flaw to gain unauthorized access to sensitive information or disrupt normal application functionalities.",Symantec,Symantec Endpoint Protection Manager (sepm),3.3,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-02-11T17:12:50.000Z,0
CVE-2020-5829,https://securityvulnerability.io/vulnerability/CVE-2020-5829,Out of Bounds Memory Vulnerability in Symantec Endpoint Protection Manager,The vulnerability allows unauthorized access to memory that falls outside the allocated bounds for the Symantec Endpoint Protection Manager. This issue may lead to potential information disclosure and could enable attackers to exploit system weaknesses if left unpatched. Proper updates and security measures should be employed to mitigate the risks associated with this vulnerability as outlined by the vendor.,Symantec,Symantec Endpoint Protection Manager (sepm),3.3,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-02-11T17:11:31.000Z,0
CVE-2020-5828,https://securityvulnerability.io/vulnerability/CVE-2020-5828,Out of Bounds Vulnerability in Symantec Endpoint Protection Manager,"An out of bounds vulnerability exists in Symantec Endpoint Protection Manager prior to version 14.2 RU2 MP1. This issue allows the application to access memory locations outside the allocated bounds, potentially leading to unauthorized data exposure or application instability. It poses risks to users by potentially enabling an attacker to manipulate the memory context, thereby affecting the system's integrity.",Symantec,Symantec Endpoint Protection Manager (sepm),3.3,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-02-11T17:11:18.000Z,0
CVE-2020-5827,https://securityvulnerability.io/vulnerability/CVE-2020-5827,Out of Bounds Vulnerability in Symantec Endpoint Protection Manager,"An out of bounds vulnerability has been identified in Symantec Endpoint Protection Manager (SEPM), allowing unauthorized access to memory not allocated to the application. This could lead to vulnerabilities in data protection measures, potentially exposing sensitive information. Systems running versions prior to 14.2 RU2 MP1 are particularly at risk, making timely updates essential for maintaining security and protecting against potential exploitation.",Symantec,Symantec Endpoint Protection Manager (sepm),3.3,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-02-11T17:09:19.000Z,0
CVE-2020-5826,https://securityvulnerability.io/vulnerability/CVE-2020-5826,Out of Bounds Vulnerability in Symantec Endpoint Protection Products,Symantec Endpoint Protection and its Small Business Edition may encounter an out of bounds vulnerability that allows the application to read memory outside its allocated bounds. This could lead to potentially exploitable situations where sensitive information could be accessed by unauthorized entities. It is crucial for users of these products to ensure they are running the latest versions to mitigate such risks.,Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-02-11T17:09:08.000Z,0
CVE-2020-5825,https://securityvulnerability.io/vulnerability/CVE-2020-5825,Arbitrary File Write Vulnerability in Symantec Endpoint Protection Products,"Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition are impacted by an arbitrary file write vulnerability. This issue allows an attacker to overwrite files on the affected systems without the necessary permissions, potentially leading to unauthorized modifications and security breaches. It is crucial for users to update to the latest versions to mitigate this risk. More information can be found on Symantec's support page.",Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),5.5,MEDIUM,0.004029999952763319,false,,false,false,false,,,false,false,,2020-02-11T17:07:31.000Z,0
CVE-2020-5824,https://securityvulnerability.io/vulnerability/CVE-2020-5824,Denial of Service Vulnerability in Symantec Endpoint Protection Products,"Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition versions prior to 14.2 RU2 MP1 and 14.2.5569.2100, respectively, may allow attackers to exploit a denial of service vulnerability. This vulnerability can disrupt the normal operation of these applications by exhausting their resources, resulting in service unavailability and affecting user accessibility.",Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),5.5,MEDIUM,0.003280000062659383,false,,false,false,false,,,false,false,,2020-02-11T17:07:04.000Z,0
CVE-2020-5823,https://securityvulnerability.io/vulnerability/CVE-2020-5823,Privilege Escalation Vulnerability in Symantec Endpoint Protection Products,"Certain versions of Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) may allow attackers to exploit a privilege escalation vulnerability. This flaw could enable unauthorized access to protected resources, compromising the application's integrity and security posture. Users are encouraged to update their software to the latest versions to mitigate potential security risks.",Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),7.8,HIGH,0.0016400000313296914,false,,false,false,false,,,false,false,,2020-02-11T17:04:40.000Z,0
CVE-2020-5822,https://securityvulnerability.io/vulnerability/CVE-2020-5822,Privilege Escalation Vulnerability in Symantec Endpoint Protection,"Symantec Endpoint Protection and its Small Business Edition are affected by a privilege escalation vulnerability, allowing attackers with low-level access to potentially escalate their privileges and gain unauthorized access to critical system resources. This vulnerability arises from insufficient protection mechanisms within the applications, which can be exploited if the software is not updated to the latest versions.",Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),7.8,HIGH,0.0016400000313296914,false,,false,false,false,,,false,false,,2020-02-11T17:04:33.000Z,0
CVE-2020-5821,https://securityvulnerability.io/vulnerability/CVE-2020-5821,DLL Injection Vulnerability in Symantec Endpoint Protection Products,"Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition are vulnerable to a DLL injection attack, which allows an attacker to execute unauthorized code within the context of the application. This can compromise system integrity by replacing legitimate processes with malicious code, leading to potential data breaches and unauthorized access to sensitive information. Users are advised to update their software to the latest versions to mitigate this risk.",Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-02-11T17:02:07.000Z,0
CVE-2020-5820,https://securityvulnerability.io/vulnerability/CVE-2020-5820,Privilege Escalation Issue in Symantec Endpoint Protection Software,"The vulnerability found in Symantec Endpoint Protection and its Small Business Edition allows attackers to exploit the software, potentially gaining elevated privileges that would enable access to restricted resources. This could lead to unauthorized actions being performed on the system, posing significant security risks to affected environments. Users are encouraged to update their software to mitigate the risks associated with this vulnerability.",Symantec,Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe),7.8,HIGH,0.0016400000313296914,false,,false,false,false,,,false,false,,2020-02-11T17:01:32.000Z,0
CVE-2019-18372,https://securityvulnerability.io/vulnerability/CVE-2019-18372,Privilege Escalation Vulnerability in Symantec Endpoint Protection,"Symantec Endpoint Protection versions prior to 14.2 RU2 are vulnerable to a privilege escalation issue. This vulnerability allows attackers to exploit the application to gain elevated permissions, enabling access to protected system resources. Attackers could potentially leverage this security gap to execute unauthorized actions, compromising the integrity and security of critical systems managed by Symantec Endpoint Protection.",Symantec,Symantec Endpoint Protection,7.8,HIGH,0.0016400000313296914,false,,false,false,false,,,false,false,,2019-11-15T17:41:41.000Z,0
CVE-2019-12759,https://securityvulnerability.io/vulnerability/CVE-2019-12759,Privilege Escalation Vulnerability in Symantec Endpoint Protection Manager and Mail Security for MS Exchange,"Symantec Endpoint Protection Manager and Symantec Mail Security for MS Exchange exhibit a vulnerability that allows attackers to exploit weaknesses in the software. If successful, an attacker could gain unauthorized elevated access to sensitive resources, potentially compromising critical data and operational integrity. Users of these products are advised to update to the latest versions to mitigate the risk.",Symantec,"Symantec Endpoint Protection Manager (sepm), Symantec Mail Security For Ms Exchange (smsmse)",7.8,HIGH,0.0016400000313296914,false,,false,false,false,,,false,false,,2019-11-15T17:41:24.000Z,0
CVE-2019-12758,https://securityvulnerability.io/vulnerability/CVE-2019-12758,Unsigned Code Execution Vulnerability in Symantec Endpoint Protection,"Symantec Endpoint Protection, prior to version 14.2 RU2, is vulnerable to an unsigned code execution vulnerability. This flaw enables attackers to execute malicious code without proper digital signatures, bypassing security measures implemented for application integrity. Organizations using affected versions may face significant security risks, potentially allowing unauthorized access or control of their endpoints. It is crucial for users to upgrade to the latest version to mitigate possible exploitation.",Symantec,Symantec Endpoint Protection,6.7,MEDIUM,0.0004799999878741801,false,,false,false,false,,,false,false,,2019-11-15T17:37:43.000Z,0
CVE-2019-12757,https://securityvulnerability.io/vulnerability/CVE-2019-12757,Privilege Escalation Vulnerability in Symantec Endpoint Protection and Small Business Edition,"Symantec Endpoint Protection (SEP) and its Small Business Edition are affected by a privilege escalation vulnerability. This issue allows attackers to potentially gain elevated access to restricted resources, posing a significant risk to system integrity. Attackers exploiting this vulnerability could compromise the application, leading to unauthorized access and manipulation of sensitive data. It is crucial for users of affected SEP versions to apply the latest security patches and updates to safeguard their systems from exploitation.",Symantec,"Symantec Endpoint Protection (sep), Symantec Endpoint Protection Small Business Edition (sep Sbe)",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2019-11-15T17:37:31.000Z,0
CVE-2019-12756,https://securityvulnerability.io/vulnerability/CVE-2019-12756,Password Protection Bypass in Symantec Endpoint Protection by Symantec,"Symantec Endpoint Protection (SEP) versions prior to 14.2 RU2 are exposed to a password protection bypass vulnerability. This security flaw enables individuals with local administrator privileges to circumvent the secondary layer of password protection, potentially allowing unauthorized access to protected features and sensitive configurations.",Symantec,Symantec Endpoint Protection (sep),2.3,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2019-11-15T16:58:23.000Z,0
CVE-2018-18368,https://securityvulnerability.io/vulnerability/CVE-2018-18368,Privilege Escalation Vulnerability in Symantec Endpoint Protection Manager,"The Symantec Endpoint Protection Manager (SEPM) software, prior to version 14.2 RU1, has been identified as being susceptible to a privilege escalation flaw. This vulnerability may allow an attacker to exploit the application, leading to unauthorized access to privileged resources that are typically restricted from application or user access. This can pose significant risks to system integrity and data security.",Symantec,Symantec Endpoint Protection Manager (sepm),7.8,HIGH,0.00044999999227002263,false,,false,false,true,2019-07-27T10:22:19.000Z,true,false,false,,2019-11-15T16:58:10.000Z,0
CVE-2019-12750,https://securityvulnerability.io/vulnerability/CVE-2019-12750,Privilege Escalation in Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition,"Symantec Endpoint Protection and its Small Business Edition versions are vulnerable to a privilege escalation issue. This vulnerability allows attackers to exploit the software to gain elevated access to restricted resources, which are typically secured against unauthorized application or user access. Proper system configurations and updates are crucial to mitigate this risk and protect sensitive information.",Symantec,"Symantec Endpoint Protection, Symantec Endpoint Protection Small Business Edition",7.8,HIGH,0.0006099999882280827,false,,false,false,true,2019-12-21T00:44:25.000Z,true,false,false,,2019-07-31T17:42:08.000Z,0
CVE-2018-18367,https://securityvulnerability.io/vulnerability/CVE-2018-18367,DLL Preloading Vulnerability in Symantec Endpoint Protection Manager,"The Symantec Endpoint Protection Manager (SEPM) prior to and including version 12.1 RU6 MP9 and version 14.2 RU1 is prone to a DLL Preloading vulnerability. This occurs when an application attempts to load a Dynamic Link Library (DLL) file and fails to validate its origin, allowing an attacker to exploit this weakness by providing a malicious DLL. Successfully executing this attack could lead to unauthorized actions within the system, putting sensitive data at risk.",Symantec Corporation,Symantec Endpoint Protection Manager,7.8,HIGH,0.0008399999933317304,false,,false,false,false,,,false,false,,2019-04-25T19:22:17.000Z,0