Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
email security vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv3
CVE-2017-3818
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote malicious user to bypass configured user filters on the device, aka a Malformed MIME Header Filte...
Cisco Email Security Appliance Firmware 9.7.1-066
NA
CVE-2015-0734
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email Security Appliance (ESA) 8.5.6-106 allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCut87743.
Cisco Email Security Appliance Firmware 8.5.6-106
7.8
CVSSv3
CVE-2023-47172
Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, and WithSecure Elements Endpoint Protection 17 and later.
Withsecure Elements Endpoint Protection
Withsecure Email And Server Security
Withsecure Server Security
Withsecure Client Security
NA
CVE-2015-6291
Cisco AsyncOS prior to 8.5.7-043, 9.x prior to 9.1.1-023, and 9.5.x and 9.6.x prior to 9.6.0-046 on Email Security Appliance (ESA) devices mishandles malformed fields during body-contains, attachment-contains, every-attachment-contains, attachment-binary-contains, dictionary-matc...
Cisco Email Security Appliance 8.0 Base
Cisco Email Security Appliance 8.5 Base
Cisco Email Security Appliance 8.5.6-113
Cisco Email Security Appliance 9.1.0-032
Cisco Email Security Appliance 8.5.6-073
Cisco Email Security Appliance 9.0.0
Cisco Email Security Appliance 9.0.0-461
Cisco Email Security Appliance 8.5.6-052
Cisco Email Security Appliance 9.0.0-212
Cisco Email Security Appliance 8.5.7-042
Cisco Email Security Appliance 9.6.0-042
Cisco Email Security Appliance 9.0.5-000
Cisco Email Security Appliance 8.5.6-106
Cisco Email Security Appliance 8.5.6-074
Cisco Email Security Appliance 7.7.0-000
Cisco Email Security Appliance 7.7.1-000
7.5
CVSSv3
CVE-2020-6590
Forcepoint Web Security Content Gateway versions before 8.5.4 improperly process XML input, leading to information disclosure.
Forcepoint Data Loss Prevention
Forcepoint Email Security
Forcepoint Web Security Content Gateway
6.1
CVSSv3
CVE-2017-6661
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based...
Cisco Content Security Management Appliance 10.0.0-203
Cisco Email Security Appliance 10.1.0-049
Cisco Email Security Appliance 10.0.0-203
Cisco Content Security Management Appliance 10.1.0-049
5.3
CVSSv3
CVE-2017-12309
A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to conduct a HTTP response splitting attack. The vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attac...
Cisco Email Security Appliance Firmware 10.0.2-020
Cisco Email Security Appliance Firmware 11.0.0-105
8.6
CVSSv3
CVE-2019-1947
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on ...
Cisco Email Security Appliance 11.1.0-131
Cisco Asyncos 12.1.0-085
1 Article
6.7
CVSSv3
CVE-2024-23764
Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15 and later, WithSecure Server Security 15 and later, WithSecure Email and Server Security 15 and later, and WithSecure Elements Endpoint Protection 17 and later.
Withsecure Client Security 15
Withsecure Server Security 15
Withsecure Email And Server Security 15
Withsecure Elements Endpoint Protection 17
NA
CVE-2015-4288
The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content Security Management Appliance (SMA) 8.3.6-048 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to ...
Cisco Web Security Appliance 8.5.0-000
Cisco Email Security Appliance 8.5.7-042
Cisco Content Security Management Appliance 8.3.6-048
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »