Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web gateway vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-3881
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Manag...
Cisco Ios
Cisco Ios Xe
2 EDB exploits
6 Github repositories
2 Articles
9.8
CVSSv3
CVE-2016-3645
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x up to and including 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) prior to 12.1 RU6 MP5; Sy...
Symantec Norton Security
Symantec Protection Engine
Symantec Protection Engine 7.8.0
Symantec Advanced Threat Protection
Symantec Norton Bootable Removal Tool
Symantec Data Center Security Server 6.5
Symantec Data Center Security Server 6.6
Symantec Data Center Security Server 6.0
Symantec Protection For Sharepoint Servers
Symantec Message Gateway For Service Providers 10.5
Symantec Message Gateway For Service Providers 10.6
Symantec Csapi
Symantec Endpoint Protection 12.1.6
Symantec Norton Power Eraser
Symantec Mail Security For Domino
Symantec Mail Security For Microsoft Exchange 6.5.8
Symantec Mail Security For Microsoft Exchange
Symantec Message Gateway
Symantec Norton Internet Security
Symantec Norton Security With Backup
Symantec Norton 360
Symantec Norton Antivirus
1 EDB exploit
9.8
CVSSv3
CVE-2016-2331
The web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware prior to 01A.8 has a default password, which makes it easier for remote malicious users to obtain access via unspecified vectors.
Systech Syslink Sl-1000 Modular Gateway Firmware -
9.8
CVSSv3
CVE-2016-2071
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x prior to 11.0 Build 64.34, 10.5 prior to 10.5 Build 59.13, and 10.5.e before Build 59.1305.e allows remote malicious users to gain privileges via unspecified NS Web GUI commands.
Citrix Netscaler 11.0
Citrix Netscaler 10.5e
Citrix Netscaler 10.5
9.8
CVSSv3
CVE-2013-5017
SNMPConfig.php in the management console in Symantec Web Gateway (SWG) prior to 5.2.1 allows remote malicious users to execute arbitrary commands via unspecified vectors.
Symantec Web Gateway
9.6
CVSSv3
CVE-2019-13923
A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gateway (All versions). The integrated configuration web server of the affected device could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interac...
Siemens Ie\\/wsn-pa Link Wirelesshart Gateway Firmware
9.6
CVSSv3
CVE-2019-3638
Reflected Cross Site Scripting vulnerability in Administrators web console in McAfee Web Gateway (MWG) 7.8.x before 7.8.2.13 allows remote malicious users to collect sensitive information or execute commands with the MWG administrator's credentials via tricking the administr...
Mcafee Web Gateway
9.1
CVSSv3
CVE-2024-21887
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 9.1
Ivanti Policy Secure 22.2
Ivanti Policy Secure 22.1
Ivanti Policy Secure 9.1
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.3
Ivanti Connect Secure 22.6
Ivanti Policy Secure 22.3
Ivanti Policy Secure 22.6
Ivanti Policy Secure 22.5
Ivanti Policy Secure 22.4
Ivanti Connect Secure 9.0
Ivanti Policy Secure 9.0
2 Metasploit modules
14 Github repositories
11 Articles
9.1
CVSSv3
CVE-2020-22657
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) prior to 3.6.2.0.795, SmartZone 100 (SZ-100) prior to 3.6.2.0.795, SmartZone 300 (SZ300)...
Ruckuswireless R310 Firmware 10.5.1.0.199
Ruckuswireless R500 Firmware 10.5.1.0.199
Ruckuswireless R600 Firmware 10.5.1.0.199
Ruckuswireless T300 Firmware 10.5.1.0.199
Ruckuswireless T301n Firmware 10.5.1.0.199
Ruckuswireless T301s Firmware 10.5.1.0.199
Ruckuswireless Scg200 Firmware
Ruckuswireless Sz-100 Firmware
Ruckuswireless Sz-300 Firmware
Ruckuswireless Vsz Firmware
Ruckuswireless Zonedirector 1100 Firmware 9.10.2.0.130
Ruckuswireless Zonedirector 1200 Firmware 10.2.1.0.218
Ruckuswireless Zonedirector 3000 Firmware 10.2.1.0.218
Ruckuswireless Zonedirector 5000 Firmware 10.0.1.0.151
9.1
CVSSv3
CVE-2021-46825
Symantec Advanced Secure Gateway (ASG) and ProxySG are susceptible to an HTTP desync vulnerability. When a remote unauthenticated attacker and other web clients communicate through the proxy with the same web server, the attacker can send crafted HTTP requests and cause the proxy...
Broadcom Advanced Secure Gateway 6.7
Broadcom Proxysg 6.7
Broadcom Proxysg 7.3
Broadcom Advanced Secure Gateway 7.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »