Symantec Norton Security — known CVE vulnerabilities
Every CVE whose affected-product data names Symantec Norton Security, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2016-3645 — CVSS 9.8 (critical): Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center…
CVE-2016-2207 — CVSS 8.4 (high): The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6…
CVE-2016-3644 — CVSS 8.4 (high): The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6…
CVE-2016-3646 — CVSS 8.4 (high): The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6…
CVE-2018-18369 — CVSS 7.8 (high): Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 &…
CVE-2016-5311 — CVSS 7.8 (high): A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security…
CVE-2016-2211 — CVSS 7.8 (high): The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6…
CVE-2016-2209 — CVSS 7.3 (high): Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center…
CVE-2016-2210 — CVSS 7.3 (high): Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center…
CVE-2018-18366 — CVSS 6.5 (medium): Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior…