Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
websense vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2010-5148
Websense Web Security and Web Filter prior to 7.1 Hotfix 21 do not set the secure flag for the Encrypted Session (SSL) cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an http session.
Websense Websense Web Security
Websense Websense Web Filter
383
VMScore
CVE-2009-5130
The Rules Service in Websense Email Security prior to 7.1 allows remote malicious users to cause a denial of service (service crash) via an attachment with a crafted size.
Websense Websense Email Security 6.1
Websense Websense Email Security
445
VMScore
CVE-2009-5131
The Receive Service in Websense Email Security prior to 7.1 does not recognize domain extensions in the blacklist, which allows remote malicious users to bypass intended access restrictions and send e-mail messages via an SMTP session.
Websense Websense Email Security
Websense Websense Email Security 6.1
383
VMScore
CVE-2009-5119
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network and then conducting...
Websense Websense Web Filter 7.0
Websense Websense Web Security 7.0
383
VMScore
CVE-2009-5120
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote malicious users to conduct cross-site scripting (XSS) attacks vi...
Websense Websense Web Security 7.0
Websense Websense Web Filter 7.0
445
VMScore
CVE-2008-7312
The Filtering Service in Websense Enterprise 5.2 up to and including 6.3 does not consider the IP address during URL categorization, which makes it easier for remote malicious users to bypass filtering via an HTTP request, as demonstrated by a request to a compromised server asso...
Websense Enterprise 5.5
Websense Enterprise 6.1
Websense Enterprise 6.2
Websense Enterprise 6.3
Websense Enterprise 5.2
383
VMScore
CVE-2007-6312
Cross-site scripting (XSS) vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote malicious users to inject arbitrary web script or HTML via the username field.
Websense Web Security Suite 6.3
Websense Web Security Suite 6.3.1
Websense Reporting Tools 6.3
Websense Reporting Tools 6.3.1
Websense Enterpise 6.3
Websense Enterpise 6.3.1
329
VMScore
CVE-2006-2035
Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL.
Websense Websense
445
VMScore
CVE-2009-5129
The Websense V10000 appliance prior to 1.0.1 allows remote malicious users to cause a denial of service (intermittent LDAP authentication outage) via a login attempt with an incorrect password.
Websense Websense V10000
445
VMScore
CVE-2015-2748
Websense TRITON AP-WEB prior to 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote malicious users to obtain sensitive information via a direct request to a (1) Web Security incident report or the (2) Explorer configuration (websense.ini) file.
Websense Triton Ap Email
Websense Triton Ap Web
Websense V-series Appliances
Websense Triton Ap Data
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »