CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 120 / 153
«« 先頭 « 前へ 1 / 8 次へ »
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2025-0893 Symantec Diagnostic Tool (SymDiag), prior to 3.0.79, may be susceptible to a Privilege Escalation vulnerability. 7.8 0.06% 2025-02-19 2026-06-17
CVE-2025-13917 WSS Agent, prior to 9.8.5, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 7.0 0.08% 2026-01-28 2026-06-17
CVE-2025-9059 The Altiris Core Agent Updater package (AeXNSC.exe) is prone to an elevation of privileges vulnerability through DLL hijacking. 8.8 0.11% 2025-09-11 2026-06-17
CVE-2026-3991 Symantec Data Loss Prevention Windows Endpoint, prior to 25.1 MP1, 16.1 MP2, 16.0 RU2 HF9, 16.0 RU1 MP1 HF12, and 16.0 MP2 HF15, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 7.8 0.16% 2026-03-30 2026-06-17
CVE-2022-25631 Symantec Endpoint Protection, prior to 14.3 RU6 (14.3.9210.6000), may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated 7.8 0.17% 2023-01-20 2026-06-17
CVE-2025-24507 This vulnerability allows appliance compromise at boot time. 8.9 0.18% 2025-01-30 2026-06-17
CVE-2023-23953 Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to an Elevation of Privilege vulnerability. 7.8 0.19% 2023-05-31 2026-06-17
CVE-2019-9703 Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. 7.8 0.21% 2019-07-01 2026-06-16
CVE-2019-9702 Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. 7.8 0.21% 2019-07-01 2026-06-16
CVE-2025-24500 The vulnerability allows an unauthenticated attacker to access information in PAM database. 8.7 0.22% 2025-01-30 2026-06-17
CVE-2024-38499 CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and SD_ACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to execute "caf encrypt"/"sd_acmd encrypt" commands. 7.3 0.22% 2024-12-17 2026-06-17
CVE-2025-24503 A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server. 9.3 0.23% 2025-01-30 2026-06-17
CVE-2019-9694 Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 7.8 0.24% 2019-04-10 2026-06-16
CVE-2022-25623 The Symantec Management Agent is susceptible to a privilege escalation vulnerability. A low privilege local account can be elevated to the SYSTEM level through registry manipulations. 7.8 0.27% 2022-03-04 2026-06-17
CVE-2025-24505 This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file. 8.8 0.28% 2025-01-30 2026-06-17
CVE-2024-38491 The vulnerability allows an unauthenticated attacker to read arbitrary information from the database. 8.4 0.28% 2024-07-15 2026-06-17
CVE-2015-8150 Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root access by modifying a batch file. 7.8 0.29% 2016-02-18 2026-06-16
CVE-2015-8156 Unquoted Windows search path vulnerability in EEDService in Symantec Endpoint Encryption (SEE) 11.x before 11.1.1 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe. 7.8 0.29% 2016-05-13 2026-06-16
CVE-2016-6591 A security bypass vulnerability exists in Symantec Norton App Lock 1.0.3.186 and earlier if application pinning is enabled, which could let a local malicious user bypass security restrictions. 7.1 0.29% 2020-01-08 2026-06-16
CVE-2020-5835 Symantec Endpoint Protection Manager, prior to 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine. 7.0 0.30% 2020-05-11 2026-06-16
«« 先頭 « 前へ 1 / 8 次へ »
cvelogic Threat Intelligence