Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
messaging gateway vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2017-15532
before 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to ac...
Symantec Messaging Gateway
9.3
CVSSv2
CVE-2011-0548
Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x up to and including 8.x, Symantec Brightmail and Messaging Gateway prior to 9.5.1, and Symantec Data Loss Prevention (DLP) prior to 10.5.3 and 11.x pri...
Symantec Mail Security 8.0
Symantec Mail Security 6.0.0
Symantec Mail Security 7.5
Symantec Brightmail And Messaging Gateway 5.0
Symantec Brightmail And Messaging Gateway 8.0
Symantec Brightmail And Messaging Gateway 7.7
Symantec Brightmail And Messaging Gateway 9.0.1
Symantec Brightmail And Messaging Gateway 4.0.0
Symantec Brightmail And Messaging Gateway
Symantec Brightmail And Messaging Gateway 4.1.0
Symantec Brightmail And Messaging Gateway 9.0.2
Symantec Brightmail And Messaging Gateway 9.0
Symantec Data Loss Prevention 10.5.1
Symantec Data Loss Prevention 9.0
Symantec Data Loss Prevention 10.5
Symantec Data Loss Prevention 8.0
Symantec Data Loss Prevention 7.2
Symantec Data Loss Prevention 7.0
Symantec Data Loss Prevention 8.1
Symantec Data Loss Prevention 8.1.1
Symantec Data Loss Prevention 11.0
Symantec Data Loss Prevention 7.1
4
CVSSv2
CVE-2021-30651
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access.
Broadcom Symantec Messaging Gateway
7.5
CVSSv2
CVE-2018-12464
A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote malicious user to execute arbitrary SQL statements against the database. This can be exploited to create an administrative ac...
Microfocus Secure Messaging Gateway
1 EDB exploit
9
CVSSv2
CVE-2018-12465
An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-20...
Microfocus Secure Messaging Gateway
1 EDB exploit
4
CVSSv2
CVE-2020-12595
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG before 10.7.4.
Broadcom Symantec Messaging Gateway
9
CVSSv2
CVE-2020-11852
DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). Affecting all SMG Appliance running releases prior to July 2020. The vulnerability could allow a logged in user with rights to generate DKIM key information to inject system commands into the ca...
Microfocus Secure Messaging Gateway
9
CVSSv2
CVE-2020-12594
A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance. This affects SMG before 10.7.4.
Broadcom Symantec Messaging Gateway
NA
CVE-2024-23614
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
Broadcom Symantec Messaging Gateway
NA
CVE-2024-23615
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
Broadcom Symantec Messaging Gateway
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »