Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
messaging gateway vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2016-5312
Directory traversal vulnerability in the charting component in Symantec Messaging Gateway prior to 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream.
Symantec Messaging Gateway
1 EDB exploit
7.2
CVSSv3
CVE-2018-12465
An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-20...
Microfocus Secure Messaging Gateway
1 EDB exploit
7.8
CVSSv3
CVE-2016-2203
The management console on Symantec Messaging Gateway (SMG) Appliance devices prior to 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges.
Symantec Messaging Gateway 10.6.0
1 EDB exploit
9.8
CVSSv3
CVE-2024-23614
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
Broadcom Symantec Messaging Gateway
9.8
CVSSv3
CVE-2024-23615
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
Broadcom Symantec Messaging Gateway
7.2
CVSSv3
CVE-2020-12594
A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance. This affects SMG before 10.7.4.
Broadcom Symantec Messaging Gateway
9.8
CVSSv3
CVE-2018-12464
A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote malicious user to execute arbitrary SQL statements against the database. This can be exploited to create an administrative ac...
Microfocus Secure Messaging Gateway
1 EDB exploit
4.9
CVSSv3
CVE-2020-12595
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG before 10.7.4.
Broadcom Symantec Messaging Gateway
8.8
CVSSv3
CVE-2020-11852
DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). Affecting all SMG Appliance running releases prior to July 2020. The vulnerability could allow a logged in user with rights to generate DKIM key information to inject system commands into the ca...
Microfocus Secure Messaging Gateway
4.9
CVSSv3
CVE-2021-30651
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access.
Broadcom Symantec Messaging Gateway
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »