Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web security appliance vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2016-9315
Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and previous versions allows authenticated, remote users with least privileges to change M...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
5.4
CVSSv3
CVE-2016-9316
Multiple stored Cross-Site-Scripting (XSS) vulnerabilities in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and previous versions allow authenticated, remote users with least...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
5.4
CVSSv3
CVE-2017-6340
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 does not sanitize a rest/commonlog/report/template name field, which allows a 'Reports Only' user to inject malicious JavaScript while creating a new report. Additionally, IWSVA implements i...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
NA
CVE-2014-3053
The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 up to and including 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote malicious users to bypass authenticati...
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.3
Ibm Security Access Manager For Web Appliance 8.0
Ibm Security Access Manager For Web Appliance 7.0
Ibm Security Access Manager For Web Software 8.0
Ibm Security Access Manager For Mobile Appliance 8.0
Ibm Security Access Manager For Web Appliance 8.0
Ibm Security Access Manager For Web Software 7.0
Ibm Security Access Manager For Mobile Software 8.0
NA
CVE-2015-0732
Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on the Web Security Appliance (WSA) 9.0.0-193; Email Security Appliance (ESA) 8.5.6-113, 9.1.0-032, 9.1.1-000, and 9.6.0-000; and Content Security Management Appliance (SMA) 9.1.0-033 allows remote malicious users to injec...
Cisco Web Security Appliance 9.0.0-193
Cisco Content Security Management Virtual Appliance 9.1.0-033
Cisco Email Security Appliance Firmware 8.5.6-113
Cisco Email Security Appliance Firmware 9.6.0-000
Cisco Email Security Appliance Firmware 9.1.0-032
Cisco Email Security Appliance Firmware 9.1.1-000
8.8
CVSSv3
CVE-2019-9490
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentials. An attacker must be an authenticated user in order to exploit the vulnerability.
Trendmicro Interscan Web Security Virtual Appliance 6.5
9.8
CVSSv3
CVE-2020-28578
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote malicious user to send a specially crafted HTTP message and achieve remote code execution with elevated privileges.
Trendmicro Interscan Web Security Virtual Appliance 6.5
7.2
CVSSv3
CVE-2020-28580
A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote malicious user to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
Trendmicro Interscan Web Security Virtual Appliance 6.5
7.2
CVSSv3
CVE-2020-28581
A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote malicious user to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
Trendmicro Interscan Web Security Virtual Appliance 6.5
8.8
CVSSv3
CVE-2020-28579
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote malicious user to send a specially crafted HTTP message and achieve remote code execution with elevated privileges.
Trendmicro Interscan Web Security Virtual Appliance 6.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »