Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
encryption vulnerabilities and exploits
(subscribe to this query)
8.3
CVSSv2
CVE-2018-6230
A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 search configuration script could allow an malicious user to execute SQL commands to upload and execute arbitrary code that may harm the target system.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
9.3
CVSSv2
CVE-2018-6221
An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle malicious user to tamper with an update file and inject their own.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
3.5
CVSSv2
CVE-2018-6226
Reflected cross-site scripting (XSS) vulnerabilities in two Trend Micro Email Encryption Gateway 5.5 configuration files could allow an malicious user to inject client-side scripts into vulnerable systems.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
5
CVSSv2
CVE-2021-20413
IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196212.
Ibm Guardium Data Encryption 4.0.0.4
4
CVSSv2
CVE-2021-20414
IBM Guardium Data Encryption (GDE) 3.0.0.2 could allow a user to bruce force sensitive information due to not properly limiting the number of interactions. IBM X-Force ID: 196216.
Ibm Guardium Data Encryption 3.0.0.2
5
CVSSv2
CVE-2021-20415
IBM Guardium Data Encryption (GDE) 4.0.0.4 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 196217.
Ibm Guardium Data Encryption 4.0.0.4
NA
CVE-2023-35173
Nextcloud End-to-end encryption app provides all the necessary APIs to implement End-to-End encryption on the client side. By providing an invalid meta data file, an attacker can make previously dropped files inaccessible. It is recommended that the Nextcloud End-to-end encryptio...
Nextcloud End-to-end Encryption
6.4
CVSSv2
CVE-2018-6219
An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an malicious user to eavesdrop and tamper with certain types of update data.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
7.2
CVSSv2
CVE-2018-6222
Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 could allow an malicious user to change location of log files and be manipulated to execute arbitrary commands and attain command execution on a vulnerable system.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
6.8
CVSSv2
CVE-2018-6224
A lack of cross-site request forgery (CSRF) protection vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an malicious user to submit authenticated requests to a user browsing an attacker-controlled domain.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »