Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web security appliance vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2015-0692
Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use of the pickle Python module during certain tunnel-status checks, which allows local users to execute arbitrary Python code and gain privileges via crafted serialized objects, aka B...
Cisco Web Security Appliance 8.5 Base
7.2
CVSSv2
CVE-2015-0693
Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use of the pickle Python module during certain tunnel-status checks, which allows local users to execute arbitrary Python code and gain privileges via a crafted pickle file, aka Bug ID...
Cisco Web Security Appliance 8.5 Base
4.3
CVSSv2
CVE-2009-0612
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 3.x and InterScan Web Security Suite (IWSS) 3.x, when basic authorization is enabled on the standalone proxy, forwards the Proxy-Authorization header from Windows Media Player, which allows remote web servers to obtain ...
Trendmicro Interscan Web Security Suite 2.5
Trendmicro Interscan Web Security Suite 3.1
Trendmicro Interscan Web Security Virtual Appliance 3.1
4.3
CVSSv2
CVE-2018-0366
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. T...
Cisco Web Security Appliance 10.1.2-003
Cisco Web Security Appliance 10.5.1-276
4
CVSSv2
CVE-2017-6783
A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote malicious user to discover confidential information about the appliances that should be...
Cisco Web Security Appliance 10.0.0-230
Cisco Content Security Management Appliance 10.1.0-037
Cisco Email Security Appliance 9.7.2-065
9
CVSSv2
CVE-2016-9269
Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and previous versions allows authenticated, remote users with least privileges to run arbitrary commands on the sy...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
4
CVSSv2
CVE-2016-9314
Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and previous versions allows authenticated, remote users with least privileges to backup the system configu...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
4
CVSSv2
CVE-2016-9315
Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and previous versions allows authenticated, remote users with least privileges to change M...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
3.5
CVSSv2
CVE-2016-9316
Multiple stored Cross-Site-Scripting (XSS) vulnerabilities in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and previous versions allow authenticated, remote users with least...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
3.5
CVSSv2
CVE-2017-6340
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 does not sanitize a rest/commonlog/report/template name field, which allows a 'Reports Only' user to inject malicious JavaScript while creating a new report. Additionally, IWSVA implements i...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »