Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
email security appliance vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2017-6661
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based...
Cisco Email Security Appliance 10.0.0-203
Cisco Content Security Management Appliance 10.0.0-203
Cisco Content Security Management Appliance 10.1.0-049
Cisco Email Security Appliance 10.1.0-049
445
VMScore
CVE-2019-1905
A vulnerability in the GZIP decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to bypass configured content filters on the device. The vulnerability is due to improper validation of GZIP-fo...
Cisco Email Security Appliance 11.1.2
Cisco Email Security Appliance 12.0.0
383
VMScore
CVE-2014-2195
Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote malicious users to gain role privileges by leveraging group-name similarity, aka Bu...
Cisco Asyncos -
Cisco Content Security Management Appliance -
Cisco Email Security Appliance Firmware -
614
VMScore
CVE-2021-20025
SonicWall Email Security Virtual Appliance version 10.0.9 and previous versions versions contain a default username and a password that is used at initial setup. An attacker could exploit this transitional/temporary user account from the trusted domain to access the Virtual Appli...
Sonicwall Email Security Virtual Appliance
445
VMScore
CVE-2019-1831
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to bypass configured content filters on the device. The vulnerability is due to improper input validation of the ...
Cisco Email Security Appliance 11.1.2-023
Cisco Email Security Appliance 12.0.0-208
NA
CVE-2023-31488
Hyland Perceptive Filters releases prior to 2023-12-08 (e.g., 11.4.0.2647), as used in Cisco IronPort Email Security Appliance Software, Cisco Secure Email Gateway, and various non-Cisco products, allow malicious users to trigger a segmentation fault and execute arbitrary code vi...
Cisco Ironport Email Security Appliance -
Cisco Secure Email Gateway Firmware -
383
VMScore
CVE-2015-4288
The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content Security Management Appliance (SMA) 8.3.6-048 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to ...
Cisco Web Security Appliance 8.5.0-000
Cisco Email Security Appliance 8.5.7-042
Cisco Content Security Management Appliance 8.3.6-048
694
VMScore
CVE-2015-6291
Cisco AsyncOS prior to 8.5.7-043, 9.x prior to 9.1.1-023, and 9.5.x and 9.6.x prior to 9.6.0-046 on Email Security Appliance (ESA) devices mishandles malformed fields during body-contains, attachment-contains, every-attachment-contains, attachment-binary-contains, dictionary-matc...
Cisco Email Security Appliance 8.5.6-073
Cisco Email Security Appliance 9.1.0-032
Cisco Email Security Appliance 7.7.0-000
Cisco Email Security Appliance 8.0 Base
Cisco Email Security Appliance 9.0.0-461
Cisco Email Security Appliance 9.0.0-212
Cisco Email Security Appliance 8.5.6-052
Cisco Email Security Appliance 8.5.6-074
Cisco Email Security Appliance 8.5.6-106
Cisco Email Security Appliance 8.5.6-113
Cisco Email Security Appliance 9.6.0-042
Cisco Email Security Appliance 9.0.0
Cisco Email Security Appliance 8.5.7-042
Cisco Email Security Appliance 8.5 Base
Cisco Email Security Appliance 7.7.1-000
Cisco Email Security Appliance 9.0.5-000
445
VMScore
CVE-2017-12309
A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to conduct a HTTP response splitting attack. The vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attac...
Cisco Email Security Appliance Firmware 10.0.2-020
Cisco Email Security Appliance Firmware 11.0.0-105
445
VMScore
CVE-2017-6671
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to bypass configured filters on the device, as demonstrated by the Attachment Filter. More Information: CSCvd3463...
Cisco Email Security Appliance Firmware 10.0.1-087
Cisco Email Security Appliance Firmware 9.7.1-066
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »