Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
websense vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2010-5148
Websense Web Security and Web Filter prior to 7.1 Hotfix 21 do not set the secure flag for the Encrypted Session (SSL) cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an http session.
Websense Websense Web Security
Websense Websense Web Filter
4.3
CVSSv2
CVE-2009-5130
The Rules Service in Websense Email Security prior to 7.1 allows remote malicious users to cause a denial of service (service crash) via an attachment with a crafted size.
Websense Websense Email Security 6.1
Websense Websense Email Security
5
CVSSv2
CVE-2009-5131
The Receive Service in Websense Email Security prior to 7.1 does not recognize domain extensions in the blacklist, which allows remote malicious users to bypass intended access restrictions and send e-mail messages via an SMTP session.
Websense Websense Email Security
Websense Websense Email Security 6.1
4.3
CVSSv2
CVE-2009-5119
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network and then conducting...
Websense Websense Web Filter 7.0
Websense Websense Web Security 7.0
4.3
CVSSv2
CVE-2009-5120
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote malicious users to conduct cross-site scripting (XSS) attacks vi...
Websense Websense Web Security 7.0
Websense Websense Web Filter 7.0
5
CVSSv2
CVE-2008-7312
The Filtering Service in Websense Enterprise 5.2 up to and including 6.3 does not consider the IP address during URL categorization, which makes it easier for remote malicious users to bypass filtering via an HTTP request, as demonstrated by a request to a compromised server asso...
Websense Enterprise 5.5
Websense Enterprise 6.1
Websense Enterprise 6.2
Websense Enterprise 6.3
Websense Enterprise 5.2
4.3
CVSSv2
CVE-2007-6312
Cross-site scripting (XSS) vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote malicious users to inject arbitrary web script or HTML via the username field.
Websense Web Security Suite 6.3
Websense Web Security Suite 6.3.1
Websense Reporting Tools 6.3
Websense Reporting Tools 6.3.1
Websense Enterpise 6.3
Websense Enterpise 6.3.1
3.7
CVSSv2
CVE-2006-2035
Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL.
Websense Websense
5
CVSSv2
CVE-2009-5129
The Websense V10000 appliance prior to 1.0.1 allows remote malicious users to cause a denial of service (intermittent LDAP authentication outage) via a login attempt with an incorrect password.
Websense Websense V10000
5
CVSSv2
CVE-2015-2748
Websense TRITON AP-WEB prior to 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote malicious users to obtain sensitive information via a direct request to a (1) Web Security incident report or the (2) Explorer configuration (websense.ini) file.
Websense Triton Ap Email
Websense Triton Ap Web
Websense V-series Appliances
Websense Triton Ap Data
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »