Norton antivirus
This hub aggregates every CVE we track for Norton antivirus, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.
76
CVEs tracked
11
Critical
28
High
0
In CISA KEV
Severity distribution
MEDIUM32HIGH28CRITICAL11LOW5
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
8
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Norton antivirus.
- CVE-2025-7019Avast antivirus stack overflow when scanning a malformed Office Open XML file5.5
- CVE-2025-7011Avast antivirus heap OOB when scanning a malformed zip file7.8
- CVE-2025-7010Avast antivirus stack overflow when scanning a malformed PDF file5.5
- CVE-2025-7009Avast antivirus heap buffer OOB read when scanning a malformed PE file7.8
- CVE-2025-7008Avast antivirus heap buffer OOB read when scanning a malformed PE file7.8
- CVE-2025-7006Avast antivirus use of stack memory after free when scanning a malformed PE file5.5
- CVE-2025-7005Avast antivirus infinite recursion when scanning a malformed PE file5.5
- CVE-2025-7004Avast antivirus heap buffer OOB write when scanning a malformed PE file7.8
- CVE-2025-10101Avast antivirus heap buffer OOB read when scanning a malformed Mach-O file7.8
- CVE-2016-5311A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint ...7.8
- CVE-2018-12239Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; ...6.8
- CVE-2018-12238Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; ...7.8
- CVE-2016-3644The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (...8.4
- CVE-2016-3645Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec We...9.8
- CVE-2016-3646The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (...8.4
Product normalization is registry-driven with AI assist and human review. How it works