symantec security advisories
7 threat alerts tracking vulnerabilities and security advisories that affect symantec products.
Vulnios monitors symantec CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent symantec security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2016-3645 — symantec — norton_security, protection_engine
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web G
criticalCVE-2016-3645Critical Vulnerability: CVE-2016-2208 — symantec — anti-virus_engine
The kernel component in Symantec Anti-Virus Engine (AVE) 20151.1 before 20151.1.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation and system c
criticalCVE-2016-2208Critical Vulnerability: CVE-2015-8151 — symantec — encryption_management_server
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access.
criticalCVE-2015-8151Critical Vulnerability: CVE-2013-5017 — symantec — web_gateway
SNMPConfig.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote attackers to execute arbitrary commands via unspecified vectors.
criticalCVE-2013-5017Critical Vulnerability: CVE-2015-4523 — symantec — malware_analysis_appliance, malware_analyzer_g2
Blue Coat Malware Analysis Appliance (MAA) before 4.2.5 and Malware Analyzer G2 allow remote attackers to bypass a virtual machine protection mechanism and consequently write to arbitrary files, cause
criticalCVE-2015-4523Critical Vulnerability: CVE-2017-6326 — symantec — messaging_gateway
The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machin
criticalCVE-2017-6326Critical Vulnerability: CVE-2001-1125 — symantec — liveupdate
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com
criticalCVE-2001-1125
Track symantec exposure across your environment
Vulnios automatically cross-references your asset inventory against new symantec CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan