Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec messaging gateway vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-25629
An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column).
Symantec Messaging Gateway
5.4
CVSSv3
CVE-2022-25630
An authenticated user can embed malicious content with XSS into the admin group policy page.
Symantec Messaging Gateway
4.9
CVSSv3
CVE-2021-30651
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access.
Broadcom Symantec Messaging Gateway
4.9
CVSSv3
CVE-2020-12595
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG before 10.7.4.
Broadcom Symantec Messaging Gateway
4.8
CVSSv3
CVE-2019-18378
Symantec Messaging Gateway, before 10.7.3, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable malicious users to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by ...
Symantec Messaging Gateway
4.5
CVSSv3
CVE-2019-9699
Symantec Messaging Gateway (before 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.
Symantec Messaging Gateway
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
NA
CVE-2014-1648
Cross-site scripting (XSS) vulnerability in brightmail/setting/compliance/DlpConnectFlow$view.flo in the management console in Symantec Messaging Gateway 10.x prior to 10.5.2 allows remote malicious users to inject arbitrary web script or HTML via the displayTab parameter.
Symantec Messaging Gateway 10.5.1
Symantec Messaging Gateway 10.5.0
Symantec Messaging Gateway 10.0.1
Symantec Messaging Gateway 10.0.2
Symantec Messaging Gateway 10.0.3
Symantec Messaging Gateway 10.0
NA
CVE-2012-4347
Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSe...
Symantec Messaging Gateway 9.5.2
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5
Symantec Messaging Gateway 9.5.4
Symantec Messaging Gateway 9.5.1
1 EDB exploit
NA
CVE-2012-3580
Symantec Messaging Gateway (SMG) prior to 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface.
Symantec Messaging Gateway
Symantec Messaging Gateway 9.5.1
Symantec Messaging Gateway 9.5
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »