Filtered by vendor Symantec
Subscriptions
Total
575 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5405 | 4 Activepdf, Autonomy, Ibm and 1 more | 5 Docconverter, Keyview, Lotus Notes and 2 more | 2026-04-23 | N/A |
| Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag. | ||||
| CVE-2007-1173 | 3 Centennial, Numara, Symantec | 3 Discovery, Asset Manager, Discovery | 2026-04-23 | N/A |
| Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet. | ||||
| CVE-2009-3029 | 1 Symantec | 1 Securityexpressions Audit And Compliance Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the console in Symantec SecurityExpressions Audit and Compliance Server 4.1.1, 4.1, and earlier allows remote authenticated users to inject arbitrary web script or HTML via "external client input" that triggers crafted error messages. | ||||
| CVE-2009-3031 | 1 Symantec | 3 Altiris Deployment Solution, Altiris Management Platform, Altiris Notification Server | 2026-04-23 | N/A |
| Stack-based buffer overflow in the BrowseAndSaveFile method in the Altiris eXpress NS ConsoleUtilities ActiveX control 6.0.0.1846 in AeXNSConsoleUtilities.dll in Symantec Altiris Notification Server (NS) 6.0 before R12, Deployment Server 6.8 and 6.9 in Symantec Altiris Deployment Solution 6.9 SP3, and Symantec Management Platform (SMP) 7.0 before SP3 allows remote attackers to execute arbitrary code via a long string in the second argument. | ||||
| CVE-2007-1252 | 1 Symantec | 1 Mail Security | 2026-04-23 | N/A |
| Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from third party sources. | ||||
| CVE-2009-3179 | 1 Symantec | 1 Altiris Deployment Solution | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote attackers to execute arbitrary code via unknown client-side attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.17, as identified by (1) "Symantec Altiris Deployment Solution 6.9 exploit, (2) "Symantec Altiris Deployment Solution 6.9 exploit (II)," and (3) "Symantec Altiris Deployment Solution 6.9 exploit (III)." NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2007-1495 | 1 Symantec | 1 Norton Personal Firewall | 2026-04-23 | N/A |
| The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other products using symevent.sys 12.0.0.20, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data, a reintroduction of CVE-2006-4855. | ||||
| CVE-2007-3509 | 1 Symantec | 1 Veritas Backup Exec | 2026-04-23 | N/A |
| Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute arbitrary code via crafted ncacn_ip_tcp requests. | ||||
| CVE-2007-1689 | 1 Symantec | 2 Norton Internet Security, Norton Personal Firewall | 2026-04-23 | N/A |
| Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions. | ||||
| CVE-2007-1792 | 1 Symantec | 2 Mail Security, Mail Security 8820 Appliance | 2026-04-23 | N/A |
| libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail, involving the detection of "PE-Shield v0.2" and "ASPack v1.00-1.08.02". | ||||
| CVE-2006-6620 | 6 Avg, Comodo, Filseclab and 3 more | 6 Antivirus Plus Firewall, Comodo Personal Firewall, Personal Firewall and 3 more | 2026-04-23 | N/A |
| Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB. | ||||
| CVE-2006-6621 | 6 Avg, Comodo, Filseclab and 3 more | 6 Antivirus Plus Firewall, Comodo Personal Firewall, Personal Firewall and 3 more | 2026-04-23 | N/A |
| Filseclab Personal Firewall 3.0.0.8686 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB. | ||||
| CVE-2009-2570 | 1 Symantec | 1 Winfax Pro | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Symantec.FaxViewerControl.1 ActiveX control in WinFax\DCCFAXVW.DLL in Symantec WinFax Pro 10.03 allows remote attackers to execute arbitrary code via a long argument to the AppendFax method. | ||||
| CVE-2006-5403 | 1 Symantec | 4 Automated Support Assistant, Norton Antivirus, Norton Internet Security and 1 more | 2026-04-23 | N/A |
| Stack-based buffer overflow in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-4422 | 1 Symantec | 1 Enterprise Firewall | 2026-04-23 | N/A |
| The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames. | ||||
| CVE-2008-0638 | 1 Symantec | 1 Veritas Storage Foundation | 2026-04-23 | N/A |
| Heap-based buffer overflow in the Veritas Enterprise Administrator (VEA) service (aka vxsvc.exe) in Symantec Veritas Storage Foundation 5.0 allows remote attackers to execute arbitrary code via a packet with a crafted value of a certain size field, which is not checked for consistency with the actual buffer size. | ||||
| CVE-2007-3132 | 1 Symantec | 2 Ghost Solutions Suite, Norton Ghost | 2026-04-23 | N/A |
| Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp. | ||||
| CVE-2007-5838 | 1 Symantec | 1 Altiris Deployment Solution | 2026-04-23 | N/A |
| Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows local users to gain local System privileges via the "Enable key-based authentication to Deployment server" browser option, a different issue than CVE-2007-4380. | ||||
| CVE-2007-1593 | 1 Symantec | 1 Veritas Volume Replicator | 2026-04-23 | N/A |
| The administrative service in Symantec Veritas Volume Replicator (VVR) for Windows 3.1 through 4.3, and VVR for Unix 3.5 through 5.0, in Symantec Storage Foundation products allows remote attackers to cause a denial of service (memory consumption and service crash) via a crafted packet to the service port (8199/tcp) that triggers a request for more memory than available, which causes the service to write to an invalid pointer. | ||||
| CVE-2006-6490 | 2 Supportsoft, Symantec | 6 Scriptrunner, Smartissue, Automated Support Assistant and 3 more | 2026-04-23 | N/A |
| Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message. | ||||