Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec web gateway vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2019-18378
Symantec Messaging Gateway, before 10.7.3, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable malicious users to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by ...
Symantec Messaging Gateway
383
VMScore
CVE-2016-10257
The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (before 6.7.2.1), ProxySG 6.5 (before 6.5.10.6), ProxySG 6.6, and ProxySG 6.7 (before 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in...
Broadcom Advanced Secure Gateway
Broadcom Advanced Secure Gateway 6.6
Broadcom Symantec Proxysg
Broadcom Symantec Proxysg 6.6
490
VMScore
CVE-2017-15532
before 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to ac...
Symantec Messaging Gateway
685
VMScore
CVE-2017-6328
The Symantec Messaging Gateway prior to 10.6.3-267 can encounter an issue of cross site request forgery (also known as one-click attack and is abbreviated as CSRF or XSRF), which is a type of malicious exploit of a website where unauthorized commands are transmitted from a user t...
Symantec Message Gateway
1 EDB exploit
435
VMScore
CVE-2016-5309
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows prior to 12.1.6 MP5; Symantec Endpoint Prot...
Broadcom Symantec Data Center Security Server -
Symantec Advanced Threat Protection -
Symantec Csapi
Symantec Email Security.cloud -
Symantec Endpoint Protection
Symantec Endpoint Protection Cloud -
Symantec Endpoint Protection For Small Business -
Symantec Endpoint Protection For Small Business
Symantec Mail Security For Domino
Symantec Mail Security For Domino 8.1.2
Symantec Mail Security For Domino 8.1.3
Symantec Mail Security For Microsoft Exchange
Symantec Mail Security For Microsoft Exchange 7.0
Symantec Mail Security For Microsoft Exchange 7.0.1
Symantec Mail Security For Microsoft Exchange 7.0.2
Symantec Mail Security For Microsoft Exchange 7.0.3
Symantec Mail Security For Microsoft Exchange 7.0.4
Symantec Mail Security For Microsoft Exchange 7.5
Symantec Mail Security For Microsoft Exchange 7.5.1
Symantec Mail Security For Microsoft Exchange 7.5.2
Symantec Mail Security For Microsoft Exchange 7.5.3
Symantec Mail Security For Microsoft Exchange 7.5.4
1 EDB exploit
435
VMScore
CVE-2016-5310
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows prior to 12.1.6 MP5; Symantec Endpoint Prot...
Broadcom Symantec Data Center Security Server -
Symantec Advanced Threat Protection -
Symantec Csapi
Symantec Email Security.cloud -
Symantec Endpoint Protection
Symantec Endpoint Protection Cloud -
Symantec Endpoint Protection For Small Business -
Symantec Endpoint Protection For Small Business
Symantec Mail Security For Domino
Symantec Mail Security For Domino 8.1.2
Symantec Mail Security For Domino 8.1.3
Symantec Mail Security For Microsoft Exchange
Symantec Mail Security For Microsoft Exchange 7.0
Symantec Mail Security For Microsoft Exchange 7.0.1
Symantec Mail Security For Microsoft Exchange 7.0.2
Symantec Mail Security For Microsoft Exchange 7.0.3
Symantec Mail Security For Microsoft Exchange 7.0.4
Symantec Mail Security For Microsoft Exchange 7.5
Symantec Mail Security For Microsoft Exchange 7.5.1
Symantec Mail Security For Microsoft Exchange 7.5.2
Symantec Mail Security For Microsoft Exchange 7.5.3
Symantec Mail Security For Microsoft Exchange 7.5.4
1 EDB exploit
356
VMScore
CVE-2020-12595
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG before 10.7.4.
Broadcom Symantec Messaging Gateway
641
VMScore
CVE-2013-4672
The management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
534
VMScore
CVE-2013-4671
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
383
VMScore
CVE-2013-4670
Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »