Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
messaging gateway vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2012-0308
Cross-site request forgery (CSRF) vulnerability in Symantec Messaging Gateway (SMG) prior to 10.0 allows remote malicious users to hijack the authentication of administrators.
Symantec Messaging Gateway
Symantec Messaging Gateway 9.5.2
Symantec Messaging Gateway 9.5
Symantec Messaging Gateway 10.0
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5.1
1 EDB exploit
383
VMScore
CVE-2014-1648
Cross-site scripting (XSS) vulnerability in brightmail/setting/compliance/DlpConnectFlow$view.flo in the management console in Symantec Messaging Gateway 10.x prior to 10.5.2 allows remote malicious users to inject arbitrary web script or HTML via the displayTab parameter.
Symantec Messaging Gateway 10.5.1
Symantec Messaging Gateway 10.5.0
Symantec Messaging Gateway 10.0.1
Symantec Messaging Gateway 10.0.2
Symantec Messaging Gateway 10.0.3
Symantec Messaging Gateway 10.0
685
VMScore
CVE-2012-3580
Symantec Messaging Gateway (SMG) prior to 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface.
Symantec Messaging Gateway
Symantec Messaging Gateway 9.5.1
Symantec Messaging Gateway 9.5
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5.2
294
VMScore
CVE-2012-3581
Symantec Messaging Gateway (SMG) prior to 10.0 allows remote malicious users to obtain potentially sensitive information about component versions via unspecified vectors.
Symantec Messaging Gateway 9.5.2
Symantec Messaging Gateway 9.5
Symantec Messaging Gateway
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5.1
383
VMScore
CVE-2012-0307
Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) prior to 10.0 allow remote malicious users to inject arbitrary web script or HTML via (1) web content or (2) e-mail content.
Symantec Messaging Gateway
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5.2
Symantec Messaging Gateway 9.5.1
Symantec Messaging Gateway 9.5
795
VMScore
CVE-2012-3579
Symantec Messaging Gateway (SMG) prior to 10.0 has a default password for an unspecified account, which makes it easier for remote malicious users to obtain privileged access via an SSH session.
Symantec Messaging Gateway
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5.2
Symantec Messaging Gateway 9.5.1
Symantec Messaging Gateway 9.5
1 EDB exploit
505
VMScore
CVE-2012-4347
Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSe...
Symantec Messaging Gateway 9.5.2
Symantec Messaging Gateway 9.5.3
Symantec Messaging Gateway 9.5
Symantec Messaging Gateway 9.5.4
Symantec Messaging Gateway 9.5.1
1 EDB exploit
578
VMScore
CVE-2016-2204
The management console on Symantec Messaging Gateway (SMG) Appliance devices prior to 10.6.1 allows local users to obtain root-shell access via crafted terminal-window input.
Symantec Messaging Gateway 10.6.0
Symantec Messaging Gateway
516
VMScore
CVE-2018-12243
The Symantec Messaging Gateway product before 10.6.6 may be susceptible to a XML external entity (XXE) exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. The attack uses file URI schemes o...
Symantec Messaging Gateway
578
VMScore
CVE-2019-18377
Symantec Messaging Gateway, before 10.7.3, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an applicat...
Symantec Messaging Gateway
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »