Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web gateway vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2014-6064
The Accounts tab in the administrative user interface in McAfee Web Gateway (MWG) prior to 7.3.2.9 and 7.4.x prior to 7.4.2 allows remote authenticated users to obtain the hashed user passwords via unspecified vectors.
Mcafee Web Gateway
463
VMScore
CVE-2014-1650
SQL injection vulnerability in user.php in the management console in Symantec Web Gateway (SWG) prior to 5.2.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Symantec Web Gateway
383
VMScore
CVE-2020-7292
Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) before 9.2.1 allows a remote malicious user to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious URL.
Mcafee Web Gateway
365
VMScore
CVE-2020-7294
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) before 9.2.1 allows authenticated user interface user to delete or download protected files via improper access controls in the REST interface.
Mcafee Web Gateway
801
VMScore
CVE-2021-23885
Privilege escalation vulnerability in McAfee Web Gateway (MWG) before 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page.
Mcafee Web Gateway
356
VMScore
CVE-2014-2535
Directory traversal vulnerability in McAfee Web Gateway (MWG) 7.4.x prior to 7.4.1, 7.3.x prior to 7.3.2.6, and 7.2.0.9 and previous versions allows remote authenticated users to read arbitrary files via a crafted request to the web filtering port.
Mcafee Web Gateway
739
VMScore
CVE-2015-6547
The management console on Symantec Web Gateway (SWG) appliances with software prior to 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands at boot time via unspecified vectors.
Symantec Web Gateway
801
VMScore
CVE-2016-5313
Symantec Web Gateway (SWG) prior to 5.2.5 allows remote authenticated users to execute arbitrary OS commands.
Symantec Web Gateway
516
VMScore
CVE-2019-3639
Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x before 7.8.2.12 allows remote malicious users to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options HTTP header.
Mcafee Web Gateway
516
VMScore
CVE-2022-1254
A URL redirection vulnerability in Skyhigh SWG in main releases 10.x before 10.2.9, 9.x before 9.2.20, 8.x before 8.2.27, and 7.x before 7.8.2.31, and controlled release 11.x before 11.1.3 allows a remote malicious user to redirect a user to a malicious website controlled by the ...
Mcafee Web Gateway
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2108
CVE-2024-31061
CVE-2024-25959
CVE-2023-45866
injection
IDOR
memory leak
CVE-2024-1086
CVE-2023-42931
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »