Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
messaging gateway vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2012-0308
Cross-site request forgery (CSRF) vulnerability in Symantec Messaging Gateway (SMG) prior to 10.0 allows remote malicious users to hijack the authentication of administrators.
Symantec Messaging Gateway
Symantec Messaging Gateway 9.5.2
Symantec Messaging Gateway 9.5
Symantec Messaging Gateway 10.0
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5.1
1 EDB exploit
4.3
CVSSv2
CVE-2014-1648
Cross-site scripting (XSS) vulnerability in brightmail/setting/compliance/DlpConnectFlow$view.flo in the management console in Symantec Messaging Gateway 10.x prior to 10.5.2 allows remote malicious users to inject arbitrary web script or HTML via the displayTab parameter.
Symantec Messaging Gateway 10.5.1
Symantec Messaging Gateway 10.5.0
Symantec Messaging Gateway 10.0.1
Symantec Messaging Gateway 10.0.2
Symantec Messaging Gateway 10.0.3
Symantec Messaging Gateway 10.0
3.3
CVSSv2
CVE-2012-3581
Symantec Messaging Gateway (SMG) prior to 10.0 allows remote malicious users to obtain potentially sensitive information about component versions via unspecified vectors.
Symantec Messaging Gateway 9.5.2
Symantec Messaging Gateway 9.5
Symantec Messaging Gateway
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5.1
7.9
CVSSv2
CVE-2012-3579
Symantec Messaging Gateway (SMG) prior to 10.0 has a default password for an unspecified account, which makes it easier for remote malicious users to obtain privileged access via an SSH session.
Symantec Messaging Gateway
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5.2
Symantec Messaging Gateway 9.5.1
Symantec Messaging Gateway 9.5
1 EDB exploit
7.7
CVSSv2
CVE-2012-3580
Symantec Messaging Gateway (SMG) prior to 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface.
Symantec Messaging Gateway
Symantec Messaging Gateway 9.5.1
Symantec Messaging Gateway 9.5
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5.2
4.3
CVSSv2
CVE-2012-0307
Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) prior to 10.0 allow remote malicious users to inject arbitrary web script or HTML via (1) web content or (2) e-mail content.
Symantec Messaging Gateway
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5.2
Symantec Messaging Gateway 9.5.1
Symantec Messaging Gateway 9.5
5
CVSSv2
CVE-2012-4347
Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSe...
Symantec Messaging Gateway 9.5.2
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5
Symantec Messaging Gateway 9.5.4
Symantec Messaging Gateway 9.5.1
1 EDB exploit
6.5
CVSSv2
CVE-2016-2204
The management console on Symantec Messaging Gateway (SMG) Appliance devices prior to 10.6.1 allows local users to obtain root-shell access via crafted terminal-window input.
Symantec Messaging Gateway 10.6.0
Symantec Messaging Gateway
4
CVSSv2
CVE-2016-5312
Directory traversal vulnerability in the charting component in Symantec Messaging Gateway prior to 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream.
Symantec Messaging Gateway
1 EDB exploit
NA
CVE-2022-25629
An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column).
Symantec Messaging Gateway
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »