CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 4160 of 213 results
«« First « Prev Page 3 / 11 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2020-12593 Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. 7.5 1.97% 2020-11-18 2026-06-16
CVE-2020-5839 Symantec Endpoint Detection And Response, prior to 4.4, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. 7.5 2.00% 2020-07-08 2026-06-16
CVE-2020-5837 Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege. 7.8 0.75% 2020-05-11 2026-06-16
CVE-2020-5836 Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled. 7.8 0.36% 2020-05-11 2026-06-16
CVE-2020-5835 Symantec Endpoint Protection Manager, prior to 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine. 7.0 0.30% 2020-05-11 2026-06-16
CVE-2019-18375 The ASG and ProxySG management consoles are susceptible to a session hijacking vulnerability. A remote attacker, with access to the appliance management interface, can hijack the session of a currently logged-in user and access the management console. 6.5 1.23% 2020-04-09 2026-06-16
CVE-2020-5832 Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6.8 MP2), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 7.8 0.37% 2020-04-06 2026-06-16
CVE-2020-5823 Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 7.8 0.39% 2020-02-11 2026-06-16
CVE-2020-5822 Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 7.8 0.39% 2020-02-11 2026-06-16
CVE-2020-5821 Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit. 7.8 0.43% 2020-02-11 2026-06-16
CVE-2020-5820 Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 7.8 0.39% 2020-02-11 2026-06-16
CVE-2016-6592 A vulnerability was found in Symantec Norton Download Manager versions prior to 5.6. A remote user can create a specially crafted DLL file that, when placed on the target user's system, will cause the Norton Download Manager component to load the remote user's DLL instead of the intended DLL and execute arbitrary code when the Norton Download Manager component is run by the target user. 7.8 0.96% 2020-01-14 2026-06-16
CVE-2019-19548 Norton Power Eraser, prior to 5.3.0.67, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 7.8 0.39% 2020-01-14 2026-06-16
CVE-2019-19547 Symantec Endpoint Detection and Response (SEDR), prior to 4.3.0, may be susceptible to a cross site scripting (XSS) issue. XSS is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. An XSS vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy. 6.1 1.38% 2020-01-13 2026-06-16
CVE-2016-5311 A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges. 7.8 0.71% 2020-01-09 2026-06-16
CVE-2016-6593 A code-execution vulnerability exists during startup in jhi.dll and otpiha.dll in Symantec VIP Access Desktop before 2.2.2, which could let local malicious users execute arbitrary code. 7.8 0.81% 2020-01-08 2026-06-16
CVE-2016-6591 A security bypass vulnerability exists in Symantec Norton App Lock 1.0.3.186 and earlier if application pinning is enabled, which could let a local malicious user bypass security restrictions. 7.1 0.29% 2020-01-08 2026-06-16
CVE-2016-6590 A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code. 7.8 0.32% 2020-01-08 2026-06-16
CVE-2016-6589 A Denial of Service vulnerability exists in the ITMS workflow process manager login window in Symantec IT Management Suite 8.0. 6.5 1.68% 2020-01-08 2026-06-16
CVE-2019-18379 Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface. 7.3 1.12% 2019-12-11 2026-06-16
«« First « Prev Page 3 / 11 Next »
cvelogic Threat Intelligence