Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
email security vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-26291
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_form.mhtml modules), Forcepoint Web Security Portal on Hybrid ...
Forcepoint Cloud Security Gateway
Forcepoint Web Security
NA
CVE-2023-26292
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_submit.mhtml modules), Forcepoint Web Security Portal on Hybri...
Forcepoint Cloud Security Gateway
Forcepoint Web Security
NA
CVE-2023-28466
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel up to and including 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
Linux Linux Kernel
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H410s -
Netapp H410c -
Debian Debian Linux 10.0
NA
CVE-2023-20009
A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local malicious user to escalate their privilege level and gain root access....
Cisco Secure Email And Web Manager
Cisco Email Security Appliance
NA
CVE-2023-20075
Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote malicious user to execute arbitrary commands. These vulnerability is due to improper input validation in the CLI. An attacker could exploit this vulnerability by injecting operating system...
Cisco Email Security Appliance
NA
CVE-2023-20857
VMware Workspace ONE Content contains a passcode bypass vulnerability. A malicious actor, with access to a users rooted device, may be able to bypass the VMware Workspace ONE Content passcode.
Vmware Workspace One Content
NA
CVE-2023-20858
VMware Carbon Black App Control 8.7.x before 8.7.8, 8.8.x before 8.8.6, and 8.9.x.before 8.9.4 contain an injection vulnerability. A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access to the ...
Vmware Carbon Black App Control
NA
CVE-2023-20855
VMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability. A malicious actor, with non-administrative access to vRealize Orchestrator, may be able to use specially crafted input to bypass XML parsing restrictions leading to access to sensitive information o...
Vmware Vrealize Automation
Vmware Vrealize Orchestrator
NA
CVE-2023-25765
In Jenkins Email Extension Plugin 2.93 and previous versions, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to bypass the sandbox protection and execute arbitrary code in the context ...
Jenkins Email Extension
NA
CVE-2023-24580
An issue exists in the Multipart Request Parser in Django 3.2 prior to 3.2.18, 4.0 prior to 4.0.10, and 4.1 prior to 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a pote...
Djangoproject Django
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »