Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
barracuda vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-2847
img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote malicious users to execute arbitrary commands via shell metacharacters in the f parameter.
Barracuda Networks Barracuda Spam Firewall 3.1.16
Barracuda Networks Barracuda Spam Firewall 3.1.17
2 EDB exploits
4.3
CVSSv2
CVE-2015-0962
Barracuda Web Filter 7.x and 8.x prior to 8.1.0.005, when SSL Inspection is enabled, uses the same root Certification Authority certificate across different customers' installations, which makes it easier for remote malicious users to conduct man-in-the-middle attacks agains...
Barracuda Web Filter 8.0.002
Barracuda Web Filter 8.0.003
Barracuda Web Filter 7.0.1
Barracuda Web Filter 8.0
Barracuda Web Filter 7.0
Barracuda Web Filter 7.1.0
4.3
CVSSv2
CVE-2007-5058
Cross-site scripting (XSS) vulnerability in the Web administration interface in Barracuda Spam Firewall before firmware 3.5.10.016 allows remote malicious users to inject arbitrary web script or HTML via the username field in a login attempt, which is not properly handled when th...
Barracuda Networks Barracuda Spam Firewall
6.5
CVSSv2
CVE-2008-1094
SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) prior to 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pa...
Barracuda Networks Barracuda Spam Firewall
1 EDB exploit
7.2
CVSSv2
CVE-2006-4082
Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a hardcoded password for the admin account for logins from 127.0.0.1 (localhost), which allows local users to gain privileges.
Barracuda Networks Barracuda Spam Firewall 3.3.03.053
7.5
CVSSv2
CVE-2005-0431
Barracuda Spam Firewall 3.1.10 and previous versions does not restrict the domains that white-listed domains can send mail to, which allows members of white-listed domains to use Barracuda as an open mail relay for spam.
Barracuda Networks Barracuda Spam Firewall 3.1.10
4.3
CVSSv2
CVE-2012-4739
Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN prior to 2.2.2.203 (2012-07-05) allow remote malicious users to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories....
Barracudanetworks Barracuda Ssl Vpn 1.5.0.29
Barracudanetworks Barracuda Ssl Vpn 1.2.6.004
Barracudanetworks Barracuda Ssl Vpn
2 EDB exploits
7.5
CVSSv2
CVE-2006-2133
SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the (1) link_dir_target and (2) link_id_target parameter, possibly involving the link_edit functionality.
Boonex Barracuda
7.2
CVSSv2
CVE-2019-6724
The barracudavpn component of the Barracuda VPN Client prior to version 5.0.2.7 for Linux, macOS, and OpenBSD runs as a privileged process and can allow an unprivileged local malicious user to load a malicious library, resulting in arbitrary code executing as root.
Barracuda Vpn Client
5.5
CVSSv2
CVE-2019-5648
Authenticated, administrative access to a Barracuda Load Balancer ADC running unpatched firmware <= v6.4 allows one to edit the LDAP service configuration of the balancer and change the LDAP server to an attacker-controlled system, without having to re-enter LDAP credentials. ...
Barracuda Load Balancer Adc Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »