Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
email security appliance vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-28091
Lasso all versions before 2.7.0 has improper verification of a cryptographic signature.
Entrouvert Lasso
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
1 Github repository
7.8
CVSSv3
CVE-2021-20025
SonicWall Email Security Virtual Appliance version 10.0.9 and previous versions versions contain a default username and a password that is used at initial setup. An attacker could exploit this transitional/temporary user account from the trusted domain to access the Virtual Appli...
Sonicwall Email Security Virtual Appliance
6.5
CVSSv3
CVE-2021-1516
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to access sensit...
Cisco Content Security Management Appliance -
Cisco Email Security Appliance -
Cisco Web Security Appliance -
Cisco Ironport Web Security Appliance 13.6.2-023
Cisco Ironport Web Security Appliance 14.0.0-090
Cisco Ironport Web Security Appliance 14.0.0-133
Cisco Ironport Web Security Appliance 14.0.0-292
Cisco Ironport Web Security Appliance 14.0.0-300
7.4
CVSSv3
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 18.0
Windriver Linux 19.0
Windriver Linux 17.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Volumes Ontap Mediator -
Fedoraproject Fedora 34
Tenable Nessus Agent
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Oracle Jd Edwards World Security A9.4
Oracle Weblogic Server 12.2.1.4.0
1 Github repository
1 Article
5.5
CVSSv3
CVE-2021-25252
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
Trendmicro Apex Central 2019
Trendmicro Apex One 2019
Trendmicro Cloud Edge 5.0
Trendmicro Apex One -
Trendmicro Deep Security 10.0
Trendmicro Deep Security 11.0
Trendmicro Deep Security 12.0
Trendmicro Deep Security 20.0
Trendmicro Control Manager 7.0
Trendmicro Deep Discovery Analyzer 5.1
Trendmicro Deep Discovery Email Inspector 2.5
Trendmicro Deep Discovery Inspector 3.8
Trendmicro Interscan Messaging Security Virtual Appliance 9.1
Trendmicro Interscan Web Security Virtual Appliance 6.5
Trendmicro Officescan -
Trendmicro Portal Protect 2.6
Trendmicro Scanmail 14.0
Trendmicro Scanmail For Ibm Domino 5.8
Trendmicro Serverprotect For Storage 6.0
Trendmicro Serverprotect 5.8
Trendmicro Serverprotect For Network Appliance Filers 5.8
Trendmicro Safe Lock 1.1
5.3
CVSSv3
CVE-2021-1129
A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to access gen...
Cisco Content Security Management Appliance 12.5.0
Cisco Web Security Appliance 11.8.0
Cisco Email Security Appliance 13.0.0
7.4
CVSSv3
CVE-2020-3994
VMware vCenter Server (6.7 prior to 6.7u3, 6.6 prior to 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server ...
Vmware Cloud Foundation
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
5.8
CVSSv3
CVE-2020-3568
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient inpu...
Cisco Asyncos
7.5
CVSSv3
CVE-2020-3133
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to bypass configured filters on the device. The vulnerability is due to improper validation of incoming emails. A...
Cisco Email Security Appliance
6.1
CVSSv3
CVE-2020-3137
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulne...
Cisco Email Security Appliance
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »