Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee web gateway vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2009-2429
SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in admin_backup.xml files and uses insecure permissions for these files, which allows local users to gain privileges. NOTE: the provenance of this information is unknown; the details are obtained solel...
Mcafee Smartfilter 4.2.1.00
4.6
CVSSv2
CVE-2009-2312
SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges.
Mcafee Smartfilter 4.2.1.00
4.3
CVSSv2
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
4.3
CVSSv2
CVE-2020-7292
Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) before 9.2.1 allows a remote malicious user to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious URL.
Mcafee Web Gateway
4.3
CVSSv2
CVE-2019-3638
Reflected Cross Site Scripting vulnerability in Administrators web console in McAfee Web Gateway (MWG) 7.8.x before 7.8.2.13 allows remote malicious users to collect sensitive information or execute commands with the MWG administrator's credentials via tricking the administr...
Mcafee Web Gateway
4.3
CVSSv2
CVE-2019-3635
Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x before 7.8.2.12 allows malicious users to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user accessing an iframe.
Mcafee Web Gateway
4.3
CVSSv2
CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 by...
Openssl Openssl
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Hyper Converged Infrastructure -
Netapp Cloud Backup -
Netapp Santricity Smi-s Provider -
Netapp Element Software -
Netapp Snapdrive -
Netapp Snapcenter -
Netapp Storage Automation Store -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Unified Manager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Service Processor -
3 Github repositories
4.3
CVSSv2
CVE-2016-1836
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to cause a denial of service via a crafted XML ...
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server 7.0
4.3
CVSSv2
CVE-2016-1837
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allow remote malicious users to...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Apple Mac Os X
Apple Watchos
Apple Iphone Os
Apple Tvos
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Eus 7.5
4.3
CVSSv2
CVE-2016-1838
The xmlPArserPrintFileContextInternal function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a cr...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server 7.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »