Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web appliance vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-3870
A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the firs...
Cisco Web Security Appliance 8.5.3-069
Cisco Web Security Appliance 9.1.1-074
Cisco Web Security Appliance 9.1.2-010
5
CVSSv2
CVE-2015-6287
Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote malicious users to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka Bug IDs CSCur32005 and CSCur07907.
Cisco Web Security Virtual Appliance 8.0 Base
Cisco Web Security Virtual Appliance 8.0.6
Cisco Web Security Virtual Appliance 8.0.5
4
CVSSv2
CVE-2014-8510
The AdminUI in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) prior to 6.0 HF build 1244 allows remote authenticated users to read arbitrary files via vectors related to configuration input when saving filters.
Trendmicro Interscan Web Security Virtual Appliance 5.6
Trendmicro Interscan Web Security Virtual Appliance 5.5
Trendmicro Interscan Web Security Virtual Appliance 5.1
Trendmicro Interscan Web Security Virtual Appliance 6.0
4.3
CVSSv2
CVE-2016-6416
The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 up to and including 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 up to and including 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote malicious users ...
Cisco Content Security Management Appliance 9.1.0-033
Cisco Email Security Appliance 9.9 Base
Cisco Web Security Appliance 9.5.0-235
Cisco Web Security Appliance 9.5.0-284
Cisco Email Security Appliance 9.6.0-051
Cisco Email Security Appliance 9.7.1-066
Cisco Content Security Management Appliance 9.1.0-031
Cisco Email Security Appliance 9.9.6-026
Cisco Content Security Management Appliance 9.1.0-103
Cisco Content Security Management Appliance 9.6.0
Cisco Web Security Appliance 9.5 Base
Cisco Content Security Management Appliance 9.1.0-004
Cisco Content Security Management Appliance 9.1.0
Cisco Web Security Appliance 9.5.0-444
Cisco Web Security Appliance 9.1.0-000
Cisco Web Security Appliance 9.1.0-070
Cisco Web Security Appliance 9.0.0-162
Cisco Content Security Management Appliance 9.5.0
Cisco Email Security Appliance 9.6.0-000
Cisco Web Security Appliance 9.1 Base
Cisco Email Security Appliance 9.6.0-042
5
CVSSv2
CVE-2016-1296
The proxy engine on Cisco Web Security Appliance (WSA) devices with software 8.5.3-055, 9.1.0-000, and 9.5.0-235 allows remote malicious users to bypass intended proxy restrictions via a malformed HTTP method, aka Bug ID CSCux00848.
Cisco Web Security Appliance 9.1.0-000
Cisco Web Security Appliance 9.5.0-235
Cisco Web Security Appliance 8.5.3-055
1 Article
5
CVSSv2
CVE-2016-6469
A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting. More Information: CSCvb04312. Known...
Cisco Web Security Appliance 9.0.1-162
Cisco Web Security Appliance 9.1.1-074
4.3
CVSSv2
CVE-2015-6290
Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426.
Cisco Web Security Virtual Appliance 8.0 Base
Cisco Web Security Virtual Appliance 8.0.5
Cisco Web Security Virtual Appliance 8.0.7
Cisco Web Security Virtual Appliance 8.0.6
7.2
CVSSv2
CVE-2018-0428
A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allow an authenticated, local malicious user to elevate privileges to root. The attacker must authenticate with valid administrator credentials. The vulnerability is due to improper im...
Cisco Web Security Appliance 11.5.0-fcs-000
Cisco Web Security Appliance Wsa10.5.0-fcs-000
Cisco Web Security Appliance 11.0.0-fcs-250
Cisco Web Security Appliance Wsa10.0.0-959
7.5
CVSSv2
CVE-2017-6182
In Sophos Web Appliance (SWA) prior to 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.
Sophos Web Appliance
1 EDB exploit
NA
CVE-2022-4934
A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code.
Sophos Web Appliance
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »