Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
content gateway vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-1403
In OpenEdge Authentication Gateway and AdminServer before 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified. The vulnerability is a bypass to authentication based on a failure to properly handle...
1 Github repository
NA
CVE-2023-44294
In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. This is...
NA
CVE-2023-44293
In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of IP Range Rest API. This issu...
6.5
CVSSv3
CVE-2024-24753
Bref enable serverless PHP on AWS Lambda. When Bref is used in combination with an API Gateway with the v2 format, it does not handle multiple values headers. If PHP generates a response with two headers having the same key but different values only the latest one is kept. If an ...
Mnapoli Bref
5.8
CVSSv3
CVE-2023-20071
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote malicious user to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection e...
Cisco Firepower Threat Defense
Cisco Cyber Vision
Cisco Unified Threat Defense
Cisco Meraki Mx Security Appliance Firmware -
5.3
CVSSv3
CVE-2023-20246
Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote malicious user to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access cont...
Snort Snort
Cisco Ios Xe
Cisco Firepower Threat Defense
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
5.4
CVSSv3
CVE-2023-20028
Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA),...
Cisco Secure Email Gateway 14.0.1-053
Cisco Web Security Appliance 14.0.1-053
Cisco Secure Email And Web Manager 14.0.1-053
Cisco Secure Email And Web Manager 15.0.0-256
Cisco Secure Email Gateway 15.0.0-256
Cisco Web Security Appliance 15.0.0-256
Cisco Secure Email And Web Manager 14.0.1-033
Cisco Secure Email Gateway 14.0.1-033
Cisco Web Security Appliance 14.0.1-033
Cisco Secure Email And Web Manager 14.0.0-418
Cisco Secure Email Gateway 14.0.0-418
Cisco Web Security Appliance 14.0.0-418
Cisco Secure Email And Web Manager 15.0.0-050
Cisco Secure Email Gateway 15.0.0-050
Cisco Web Security Appliance 15.0.0-050
6.1
CVSSv3
CVE-2023-20119
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) atta...
Cisco Secure Email Gateway 14.0.1-053
Cisco Web Security Appliance 14.0.1-053
Cisco Secure Email And Web Manager 14.0.1-053
Cisco Secure Email And Web Manager 15.0.0-256
Cisco Secure Email Gateway 15.0.0-256
Cisco Web Security Appliance 15.0.0-256
Cisco Secure Email And Web Manager 14.0.1-033
Cisco Secure Email Gateway 14.0.1-033
Cisco Web Security Appliance 14.0.1-033
Cisco Secure Email And Web Manager 14.0.0-418
Cisco Secure Email Gateway 14.0.0-418
Cisco Web Security Appliance 14.0.0-418
Cisco Secure Email And Web Manager 15.0.0-050
Cisco Secure Email Gateway 15.0.0-050
Cisco Web Security Appliance 15.0.0-050
6.1
CVSSv3
CVE-2023-20120
Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA),...
Cisco Secure Email Gateway 14.0.1-053
Cisco Web Security Appliance 14.0.1-053
Cisco Secure Email And Web Manager 14.0.1-053
Cisco Secure Email And Web Manager 15.0.0-256
Cisco Secure Email Gateway 15.0.0-256
Cisco Web Security Appliance 15.0.0-256
Cisco Secure Email And Web Manager 14.0.1-033
Cisco Secure Email Gateway 14.0.1-033
Cisco Web Security Appliance 14.0.1-033
Cisco Secure Email And Web Manager 14.0.0-418
Cisco Secure Email Gateway 14.0.0-418
Cisco Web Security Appliance 14.0.0-418
Cisco Secure Email And Web Manager 15.0.0-050
Cisco Secure Email Gateway 15.0.0-050
Cisco Web Security Appliance 15.0.0-050
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »