Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
websense vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-5148
Websense Web Security and Web Filter prior to 7.1 Hotfix 21 do not set the secure flag for the Encrypted Session (SSL) cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an http session.
Websense Websense Web Security
Websense Websense Web Filter
NA
CVE-2009-5130
The Rules Service in Websense Email Security prior to 7.1 allows remote malicious users to cause a denial of service (service crash) via an attachment with a crafted size.
Websense Websense Email Security 6.1
Websense Websense Email Security
NA
CVE-2009-5131
The Receive Service in Websense Email Security prior to 7.1 does not recognize domain extensions in the blacklist, which allows remote malicious users to bypass intended access restrictions and send e-mail messages via an SMTP session.
Websense Websense Email Security
Websense Websense Email Security 6.1
NA
CVE-2009-5119
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network and then conducting...
Websense Websense Web Filter 7.0
Websense Websense Web Security 7.0
NA
CVE-2009-5120
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote malicious users to conduct cross-site scripting (XSS) attacks vi...
Websense Websense Web Security 7.0
Websense Websense Web Filter 7.0
NA
CVE-2008-7312
The Filtering Service in Websense Enterprise 5.2 up to and including 6.3 does not consider the IP address during URL categorization, which makes it easier for remote malicious users to bypass filtering via an HTTP request, as demonstrated by a request to a compromised server asso...
Websense Enterprise 5.5
Websense Enterprise 6.1
Websense Enterprise 6.2
Websense Enterprise 6.3
Websense Enterprise 5.2
NA
CVE-2007-6312
Cross-site scripting (XSS) vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote malicious users to inject arbitrary web script or HTML via the username field.
Websense Web Security Suite 6.3
Websense Web Security Suite 6.3.1
Websense Reporting Tools 6.3
Websense Reporting Tools 6.3.1
Websense Enterpise 6.3
Websense Enterpise 6.3.1
NA
CVE-2006-2035
Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL.
Websense Websense
NA
CVE-2009-5129
The Websense V10000 appliance prior to 1.0.1 allows remote malicious users to cause a denial of service (intermittent LDAP authentication outage) via a login attempt with an incorrect password.
Websense Websense V10000
NA
CVE-2015-2748
Websense TRITON AP-WEB prior to 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote malicious users to obtain sensitive information via a direct request to a (1) Web Security incident report or the (2) Explorer configuration (websense.ini) file.
Websense Triton Ap Email
Websense Triton Ap Web
Websense V-series Appliances
Websense Triton Ap Data
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »