Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2015-1489 | The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors. | 8.5 | 24.64% | 2015-07-31 | 2026-06-16 |
| CVE-2015-1487 | The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename. | 5.5 | 47.33% | 2015-07-31 | 2026-06-16 |
| CVE-2015-1486 | The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote attackers to bypass authentication via a crafted password-reset action that triggers a new administrative session. | 7.5 | 64.49% | 2015-07-31 | 2026-06-16 |
| CVE-2014-7288 | Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action. | 9.0 | 8.12% | 2015-01-31 | 2026-06-16 |
| CVE-2014-9225 | The ajaxswing webui in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows remote authenticated users to obtain sensitive server information via unspecified vectors. | 4.0 | 9.22% | 2015-01-21 | 2026-06-16 |
| CVE-2014-7285 | The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts. | 6.5 | 50.32% | 2014-12-17 | 2026-06-16 |
| CVE-2014-3439 | ConsoleServlet in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to write to arbitrary files via unspecified vectors. | 6.1 | 5.84% | 2014-11-07 | 2026-06-16 |
| CVE-2014-3437 | The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 7.5 | 8.54% | 2014-11-07 | 2026-06-16 |
| CVE-2013-5017 | SNMPConfig.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote attackers to execute arbitrary commands via unspecified vectors. | 9.8 | 6.96% | 2014-06-18 | 2026-06-16 |
| CVE-2014-1649 | The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS. | 7.9 | 42.31% | 2014-05-16 | 2026-06-16 |
| CVE-2013-5015 | SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 | 28.76% | 2014-02-14 | 2026-06-16 |
| CVE-2013-5014 | The management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 7.5 | 67.57% | 2014-02-14 | 2026-06-16 |
| CVE-2013-1617 | Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. | 7.4 | 7.35% | 2013-08-01 | 2026-06-16 |
| CVE-2013-1616 | The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote attackers to execute arbitrary commands by injecting a command into an application script. | 8.3 | 10.75% | 2013-08-01 | 2026-06-16 |