Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web security appliance vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-31521
Trend Micro InterScan Web Security Virtual Appliance version 6.5 was found to have a reflected cross-site scripting (XSS) vulnerability in the product's Captive Portal.
Trendmicro Interscan Web Security Virtual Appliance 6.5
4.8
CVSSv3
CVE-2020-27010
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to tamper with the web interface of the product in a manner separate from the similar CVE-2020-8462.
Trendmicro Interscan Web Security Virtual Appliance 6.5
8.8
CVSSv3
CVE-2019-9490
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentials. An attacker must be an authenticated user in order to exploit the vulnerability.
Trendmicro Interscan Web Security Virtual Appliance 6.5
8.6
CVSSv3
CVE-2018-0410
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote malicious user to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists ...
Cisco Web Security Appliance 10.5.2-042
Cisco Web Security Appliance 11.0.0-641
Cisco Web Security Appliance 9.1.1-074
Cisco Web Security Appliance 9.1.2-010
Cisco Web Security Appliance 10.1.1-235
Cisco Web Security Appliance 10.5.1-296
Cisco Web Security Appliance 9.1.2-022
Cisco Web Security Appliance 10.1.0-204
Cisco Web Security Appliance 10.5.1-270
Cisco Web Security Appliance 9.1.2-039
NA
CVE-2015-6292
The proxy-cache implementation in Cisco AsyncOS 8.0.x prior to 8.0.7-151, 8.1.x and 8.5.x prior to 8.5.2-004, 8.6.x and 8.7.x prior to 8.7.0-171-LD, and 8.8.x prior to 8.8.0-085 on Web Security Appliance (WSA) devices allows remote malicious users to cause a denial of service (me...
Cisco Web Security Appliance 8.0.0-000
Cisco Web Security Appliance 8.0.5
Cisco Web Security Appliance 8.5.0.000
Cisco Web Security Appliance 8.5.0-497
Cisco Web Security Appliance 8.0.6-119
Cisco Web Security Appliance 8.0.6
NA
CVE-2013-4984
The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance prior to 3.7.9.1 and 3.8 prior to 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument.
Sophos Web Appliance 3.7.8.2
Sophos Web Appliance 3.7.8
Sophos Web Appliance 3.7.3
Sophos Web Appliance 3.7.1
Sophos Web Appliance 3.6.4.2
Sophos Web Appliance 3.6.2.4.0
Sophos Web Appliance 3.6.2.1
Sophos Web Appliance 3.5.3
Sophos Web Appliance 3.5.1.2
Sophos Web Appliance 3.4.5
Sophos Web Appliance 3.4.3.1
Sophos Web Appliance 3.3.6.1
Sophos Web Appliance 3.3.5.1
Sophos Web Appliance 3.3.0
Sophos Web Appliance 3.2.6
Sophos Web Appliance 3.1.4
Sophos Web Appliance 3.1.2
Sophos Web Appliance 3.0.5
Sophos Web Appliance 3.0.3
Sophos Web Appliance 3.7.7
Sophos Web Appliance 3.7.6
Sophos Web Appliance 3.7.5
2 EDB exploits
NA
CVE-2013-5537
The web framework on Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) devices does not properly manage the state of HTTP and HTTPS sessions, which allows remote malicious users to cause a denial of service (manage...
Cisco Web Security Appliance -
Cisco Content Security Management Appliance -
Cisco Email Security Appliance Firmware -
6.1
CVSSv3
CVE-2018-0093
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. T...
Cisco Web Security Appliance
6.5
CVSSv3
CVE-2021-1516
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to access sensit...
Cisco Content Security Management Appliance -
Cisco Email Security Appliance -
Cisco Web Security Appliance -
Cisco Ironport Web Security Appliance 13.6.2-023
Cisco Ironport Web Security Appliance 14.0.0-090
Cisco Ironport Web Security Appliance 14.0.0-133
Cisco Ironport Web Security Appliance 14.0.0-292
Cisco Ironport Web Security Appliance 14.0.0-300
6.1
CVSSv3
CVE-2017-1489
IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.
Ibm Tivoli Access Manager For E-business 6.1.0.4
Ibm Tivoli Access Manager For E-business 6.1.0.6
Ibm Tivoli Access Manager For E-business 6.1.0.13
Ibm Tivoli Access Manager For E-business 6.1.0.15
Ibm Tivoli Access Manager For E-business 6.1.0.22
Ibm Tivoli Access Manager For E-business 6.1.0.24
Ibm Tivoli Access Manager For E-business 6.1.0.29
Ibm Tivoli Access Manager For E-business 6.1.0.31
Ibm Tivoli Access Manager For E-business 6.1.0
Ibm Tivoli Access Manager For E-business 6.1.0.1
Ibm Tivoli Access Manager For E-business 6.1.0.2
Ibm Tivoli Access Manager For E-business 6.1.0.3
Ibm Tivoli Access Manager For E-business 6.1.0.16
Ibm Tivoli Access Manager For E-business 6.1.0.17
Ibm Tivoli Access Manager For E-business 6.1.0.18
Ibm Tivoli Access Manager For E-business 6.1.0.19
Ibm Tivoli Access Manager For E-business 6.1.0.20
Ibm Tivoli Access Manager For E-business 6.1.0.8
Ibm Tivoli Access Manager For E-business 6.1.0.9
Ibm Tivoli Access Manager For E-business 6.1.0.10
Ibm Tivoli Access Manager For E-business 6.1.0.11
Ibm Tivoli Access Manager For E-business 6.1.0.25
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »