- How many CVEs does Symantec have?
- Symantec has 598 published CVE records since 2000, including 4 in the last two years.
- How many Symantec CVEs are in CISA KEV?
- Yes — 1 of Symantec's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
- Which Symantec products have the most CVEs?
- The Symantec products with the most published CVEs are Endpoint Protection, norton antivirus, endpoint protection manager, norton internet security, web gateway.
- What are the most common weakness types in Symantec CVEs?
- Symantec's CVEs most often map to these CWE weakness types: CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-269 (Improper Privilege Management), CWE-178 (Improper Handling of Case Sensitivity).
- Are there public exploits for Symantec vulnerabilities?
- Yes — 120 of Symantec's CVEs have a known public exploit.
- How many critical Symantec vulnerabilities are there?
- Symantec has 94 critical and 192 high-severity CVEs.
- What is the average severity of Symantec CVEs?
- The average CVSS base score across Symantec's scored CVEs is 6.6.