CVE-2022-25630

< 10.8

An authenticated user can embed malicious content with XSS into the admin group policy page.

5.4MEDIUM

CVE-2022-25629

< 10.8

An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can

5.4MEDIUM

CVE-2012-6277

>= 9.5 and < 10.0.1

Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchan

7.8HIGH

CVE-2019-18379

< 10.7.3

Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type o

7.3HIGH

CVE-2019-18378

< 10.7.3

Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue

4.8MEDIUM

CVE-2019-18377

< 10.7.3

Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a privilege escalation vulnerability, which is a type of issue

7.2HIGH

CVE-2019-9699

< 10.7.0

Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerabil

4.5MEDIUM

CVE-2018-12243

< 10.6.6

The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to a XML external entity (XXE) exploit, which is a type

8.8HIGH

CVE-2018-12242

< 10.6.6

The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of

9.8CRITICAL

CVE-2017-15532

< 10.6.4

Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). The

5.7MEDIUM

CVE-2017-6326

<= 10.6.3

The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual

10.0CRITICAL

CVE-2017-6325

<= 10.6.2

The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of vulnerability that is most commonl

6.6MEDIUM

CVE-2017-6324

<= 10.6.2

The Symantec Messaging Gateway, when processing a specific email attachment, can allow a malformed or corrupted Word file with a p

7.3HIGH

CVE-2016-5312

<= 10.6.1

Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticate

6.5MEDIUM

CVE-2016-5310

<= 10.6.1

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec E

5.5MEDIUM

CVE-2016-5309

<= 10.6.1

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec E

5.5MEDIUM

CVE-2016-2204

<= 10.6.0

The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to obtain root-shell

8.2HIGH

CVE-2016-2203

all versions

The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to discover an encry

7.8HIGH

CVE-2014-1648

all versions

Cross-site scripting (XSS) vulnerability in brightmail/setting/compliance/DlpConnectFlow$view.flo in the management console in Sym

CVE-2012-4347

all versions

Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote auth

CVE-2012-3581

<= 9.5.4

Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component v

CVE-2012-3580

<= 9.5.4

Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access

CVE-2012-3579

<= 9.5.4

Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote a

CVE-2012-0308

<= 9.5.4

Cross-site request forgery (CSRF) vulnerability in Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to hijack

CVE-2012-0307

<= 9.5.4

Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) before 10.0 allow remote attackers to inje