Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web gateway vulnerabilities and exploits
(subscribe to this query)
7.9
CVSSv2
CVE-2015-5692
admin_messages.php in the management console on Symantec Web Gateway (SWG) appliances with software prior to 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary code by uploading a file with a safe extension and content type, and then leveraging an improper...
Symantec Web Gateway
7.9
CVSSv2
CVE-2015-5693
The management console on Symantec Web Gateway (SWG) appliances with software prior to 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to "traffic capture."
Symantec Web Gateway
4.3
CVSSv2
CVE-2019-3638
Reflected Cross Site Scripting vulnerability in Administrators web console in McAfee Web Gateway (MWG) 7.8.x before 7.8.2.13 allows remote malicious users to collect sensitive information or execute commands with the MWG administrator's credentials via tricking the administr...
Mcafee Web Gateway
5.8
CVSSv2
CVE-2019-3639
Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x before 7.8.2.12 allows remote malicious users to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options HTTP header.
Mcafee Web Gateway
6.5
CVSSv2
CVE-2014-7285
The management console on the Symantec Web Gateway (SWG) appliance prior to 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.
Symantec Web Gateway
1 EDB exploit
2 Github repositories
4
CVSSv2
CVE-2014-6064
The Accounts tab in the administrative user interface in McAfee Web Gateway (MWG) prior to 7.3.2.9 and 7.4.x prior to 7.4.2 allows remote authenticated users to obtain the hashed user passwords via unspecified vectors.
Mcafee Web Gateway
4
CVSSv2
CVE-2014-2535
Directory traversal vulnerability in McAfee Web Gateway (MWG) 7.4.x prior to 7.4.1, 7.3.x prior to 7.3.2.6, and 7.2.0.9 and previous versions allows remote authenticated users to read arbitrary files via a crafted request to the web filtering port.
Mcafee Web Gateway
7.5
CVSSv2
CVE-2022-20738
A vulnerability in the Cisco Umbrella Secure Web Gateway service could allow an unauthenticated, remote malicious user to bypass the file inspection feature. This vulnerability is due to insufficient restrictions in the file inspection feature. An attacker could exploit this vuln...
Cisco Umbrella Secure Web Gateway -
5
CVSSv2
CVE-2009-3457
Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) prior to 6.1 allow remote malicious users to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-hand...
Cisco Ace Xml Gateway 6.0(2)
Cisco Ace Xml Gateway 6.0(0)
Cisco Ace Xml Gateway 6.0(1)
Cisco Ace Web Application Firewall 6.0(2)
Cisco Ace Web Application Firewall 6.0(1)
Cisco Ace Xml Gateway
Cisco Ace Web Application Firewall 6.0(0)
Cisco Ace Web Application Firewall
1 EDB exploit
10
CVSSv2
CVE-2017-18001
Trustwave Secure Web Gateway (SWG) up to and including 11.8.0.27 allows remote malicious users to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.
Trustwave Secure Web Gateway
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »