聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。
分配机构(CNA / 来源):[email protected] 移除此筛选
| CVE | 描述 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|
| CVE-2019-9702 | Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. | 7.8 | 0.21% | 2019-07-01 | 2026-06-16 |
| CVE-2013-5008 | The agent and task-agent components in Symantec Management Platform 7.0 and 7.1 before 7.1 SP2 Mp1.1v7 rollup, as used in certain Altiris products, use the same registry-entry encryption key across different customers' installations, which makes it easier for local users to obtain sensitive information about package-server access, or cause a denial of service, by leveraging knowledge of this key. | 4.6 | 0.22% | 2013-10-10 | 2026-06-16 |
| CVE-2025-24500 | The vulnerability allows an unauthenticated attacker to access information in PAM database. | 8.7 | 0.22% | 2025-01-30 | 2026-06-17 |
| CVE-2024-38499 | CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and SD_ACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to execute "caf encrypt"/"sd_acmd encrypt" commands. | 7.3 | 0.22% | 2024-12-17 | 2026-06-17 |
| CVE-2025-24504 | An improper input validation the CSRF filter results in unsanitized user input written to the application logs. | 5.3 | 0.23% | 2025-01-30 | 2026-06-17 |
| CVE-2025-24503 | A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server. | 9.3 | 0.23% | 2025-01-30 | 2026-06-17 |
| CVE-2025-3599 | Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user. | 6.5 | 0.23% | 2025-04-30 | 2026-06-17 |
| CVE-2025-24506 | A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types. | 5.3 | 0.24% | 2025-01-30 | 2026-06-17 |
| CVE-2019-9694 | Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 7.8 | 0.24% | 2019-04-10 | 2026-06-16 |
| CVE-2024-38496 | The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships. | 5.1 | 0.25% | 2024-07-15 | 2026-06-17 |
| CVE-2017-13679 | A denial of service (DoS) attack in Symantec Encryption Desktop before SED 10.4.1 MP2HF1 allows remote attackers to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network. | 4.2 | 0.26% | 2017-10-10 | 2026-06-16 |
| CVE-2015-6553 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn. Further investigation showed that it was not a security issue in customer-controlled software. Notes: none | 无 | 0.26% | 2016-02-05 | 2023-11-06 |
| CVE-2019-9700 | Norton Password Manager, prior to 6.3.0.2082, may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic. | 3.9 | 0.26% | 2019-07-16 | 2026-06-16 |
| CVE-2016-9098 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2016-9096 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2016-9095 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2015-8913 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2015-8912 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2015-8911 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2015-8910 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-06 |