聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
指派機構(CNA / 來源):[email protected] 移除此篩選
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2025-24500 | The vulnerability allows an unauthenticated attacker to access information in PAM database. | 8.7 | 0.22% | 2025-01-30 | 2026-06-17 |
| CVE-2024-38499 | CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and SD_ACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to execute "caf encrypt"/"sd_acmd encrypt" commands. | 7.3 | 0.22% | 2024-12-17 | 2026-06-17 |
| CVE-2025-24504 | An improper input validation the CSRF filter results in unsanitized user input written to the application logs. | 5.3 | 0.23% | 2025-01-30 | 2026-06-17 |
| CVE-2025-24503 | A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server. | 9.3 | 0.23% | 2025-01-30 | 2026-06-17 |
| CVE-2025-3599 | Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user. | 6.5 | 0.23% | 2025-04-30 | 2026-06-17 |
| CVE-2025-24506 | A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types. | 5.3 | 0.24% | 2025-01-30 | 2026-06-17 |
| CVE-2019-9694 | Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 7.8 | 0.24% | 2019-04-10 | 2026-06-16 |
| CVE-2024-38496 | The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships. | 5.1 | 0.25% | 2024-07-15 | 2026-06-17 |
| CVE-2017-13679 | A denial of service (DoS) attack in Symantec Encryption Desktop before SED 10.4.1 MP2HF1 allows remote attackers to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network. | 4.2 | 0.26% | 2017-10-10 | 2026-06-16 |
| CVE-2015-6553 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn. Further investigation showed that it was not a security issue in customer-controlled software. Notes: none | 無 | 0.26% | 2016-02-05 | 2023-11-06 |
| CVE-2019-9700 | Norton Password Manager, prior to 6.3.0.2082, may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic. | 3.9 | 0.26% | 2019-07-16 | 2026-06-16 |
| CVE-2016-9098 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | 無 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2016-9096 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | 無 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2016-9095 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | 無 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2015-8913 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none | 無 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2015-8912 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none | 無 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2015-8911 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none | 無 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2015-8910 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none | 無 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2015-8909 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none | 無 | 0.27% | 2017-05-11 | 2023-11-06 |
| CVE-2015-8908 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none | 無 | 0.27% | 2017-05-11 | 2023-11-06 |