Filtered by vendor Norton
Subscribe
Total
8 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-4294 | 5 Avast, Avg, Avira and 2 more | 5 Antivirus, Antivirus, Avira Security and 2 more | 2023-01-13 | N/A | 7.8 HIGH |
Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
CVE-2019-19546 | 1 Norton | 1 Password Manager | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
Norton Password Manager, prior to 6.6.2.5, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information. | |||||
CVE-2019-9700 | 1 Norton | 1 Password Manager | 2021-07-21 | 1.7 LOW | 3.9 LOW |
Norton Password Manager, prior to 6.3.0.2082, may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic. | |||||
CVE-2019-19548 | 1 Norton | 1 Power Eraser | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
Norton Power Eraser, prior to 5.3.0.67, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
CVE-2017-15528 | 1 Norton | 1 Install Norton Security | 2020-08-12 | 4.3 MEDIUM | 3.7 LOW |
Prior to v 7.6, the Install Norton Security (INS) product can be susceptible to a certificate spoofing vulnerability, which is a type of attack whereby a maliciously procured certificate binds the public key of an attacker to the domain name of the target. | |||||
CVE-2019-19545 | 1 Norton | 1 Password Manager | 2019-12-13 | 6.5 MEDIUM | 6.3 MEDIUM |
Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cross origin resource sharing (CORS) vulnerability, which is a type of issue that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. | |||||
CVE-2019-18381 | 1 Norton | 1 Password Manager | 2019-12-13 | 6.5 MEDIUM | 6.3 MEDIUM |
Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cross origin resource sharing (CORS) vulnerability, which is a type of issue that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. | |||||
CVE-2017-13676 | 1 Norton | 1 Remove \& Reinstall | 2017-10-06 | 4.4 MEDIUM | 7.0 HIGH |
Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a specific search path to locate the DLL. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application. A Norton Remove & Reinstall update, version 4.4.0.58, has been released which addresses the aforementioned vulnerability. |