Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web security appliance vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-31521
Trend Micro InterScan Web Security Virtual Appliance version 6.5 was found to have a reflected cross-site scripting (XSS) vulnerability in the product's Captive Portal.
Trendmicro Interscan Web Security Virtual Appliance 6.5
7.2
CVSSv3
CVE-2020-28580
A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote malicious user to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
Trendmicro Interscan Web Security Virtual Appliance 6.5
7.2
CVSSv3
CVE-2020-28581
A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote malicious user to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
Trendmicro Interscan Web Security Virtual Appliance 6.5
8.6
CVSSv3
CVE-2018-0410
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote malicious user to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists ...
Cisco Web Security Appliance 10.5.2-042
Cisco Web Security Appliance 11.0.0-641
Cisco Web Security Appliance 9.1.1-074
Cisco Web Security Appliance 9.1.2-010
Cisco Web Security Appliance 10.1.1-235
Cisco Web Security Appliance 10.5.1-296
Cisco Web Security Appliance 9.1.2-022
Cisco Web Security Appliance 10.1.0-204
Cisco Web Security Appliance 10.5.1-270
Cisco Web Security Appliance 9.1.2-039
NA
CVE-2015-6292
The proxy-cache implementation in Cisco AsyncOS 8.0.x prior to 8.0.7-151, 8.1.x and 8.5.x prior to 8.5.2-004, 8.6.x and 8.7.x prior to 8.7.0-171-LD, and 8.8.x prior to 8.8.0-085 on Web Security Appliance (WSA) devices allows remote malicious users to cause a denial of service (me...
Cisco Web Security Appliance 8.0.0-000
Cisco Web Security Appliance 8.0.5
Cisco Web Security Appliance 8.5.0.000
Cisco Web Security Appliance 8.5.0-497
Cisco Web Security Appliance 8.0.6-119
Cisco Web Security Appliance 8.0.6
NA
CVE-2013-5537
The web framework on Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) devices does not properly manage the state of HTTP and HTTPS sessions, which allows remote malicious users to cause a denial of service (manage...
Cisco Web Security Appliance -
Cisco Content Security Management Appliance -
Cisco Email Security Appliance Firmware -
NA
CVE-2013-4984
The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance prior to 3.7.9.1 and 3.8 prior to 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument.
Sophos Web Appliance 3.7.8.2
Sophos Web Appliance 3.7.8
Sophos Web Appliance 3.7.3
Sophos Web Appliance 3.7.1
Sophos Web Appliance 3.6.4.2
Sophos Web Appliance 3.6.2.4.0
Sophos Web Appliance 3.6.2.1
Sophos Web Appliance 3.5.3
Sophos Web Appliance 3.5.1.2
Sophos Web Appliance 3.4.5
Sophos Web Appliance 3.4.3.1
Sophos Web Appliance 3.3.6.1
Sophos Web Appliance 3.3.5.1
Sophos Web Appliance 3.3.0
Sophos Web Appliance 3.2.6
Sophos Web Appliance 3.1.4
Sophos Web Appliance 3.1.2
Sophos Web Appliance 3.0.5
Sophos Web Appliance 3.0.3
Sophos Web Appliance 3.7.7
Sophos Web Appliance 3.7.6
Sophos Web Appliance 3.7.5
2 EDB exploits
6.1
CVSSv3
CVE-2018-0093
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. T...
Cisco Web Security Appliance
6.5
CVSSv3
CVE-2021-1516
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to access sensit...
Cisco Content Security Management Appliance -
Cisco Email Security Appliance -
Cisco Web Security Appliance -
Cisco Ironport Web Security Appliance 13.6.2-023
Cisco Ironport Web Security Appliance 14.0.0-090
Cisco Ironport Web Security Appliance 14.0.0-133
Cisco Ironport Web Security Appliance 14.0.0-292
Cisco Ironport Web Security Appliance 14.0.0-300
6.1
CVSSv3
CVE-2017-1489
IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.
Ibm Tivoli Access Manager For E-business 6.1.0.4
Ibm Tivoli Access Manager For E-business 6.1.0.6
Ibm Tivoli Access Manager For E-business 6.1.0.13
Ibm Tivoli Access Manager For E-business 6.1.0.15
Ibm Tivoli Access Manager For E-business 6.1.0.22
Ibm Tivoli Access Manager For E-business 6.1.0.24
Ibm Tivoli Access Manager For E-business 6.1.0.29
Ibm Tivoli Access Manager For E-business 6.1.0.31
Ibm Tivoli Access Manager For E-business 6.1.0
Ibm Tivoli Access Manager For E-business 6.1.0.1
Ibm Tivoli Access Manager For E-business 6.1.0.2
Ibm Tivoli Access Manager For E-business 6.1.0.3
Ibm Tivoli Access Manager For E-business 6.1.0.16
Ibm Tivoli Access Manager For E-business 6.1.0.17
Ibm Tivoli Access Manager For E-business 6.1.0.18
Ibm Tivoli Access Manager For E-business 6.1.0.19
Ibm Tivoli Access Manager For E-business 6.1.0.20
Ibm Tivoli Access Manager For E-business 6.1.0.8
Ibm Tivoli Access Manager For E-business 6.1.0.9
Ibm Tivoli Access Manager For E-business 6.1.0.10
Ibm Tivoli Access Manager For E-business 6.1.0.11
Ibm Tivoli Access Manager For E-business 6.1.0.25
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »