Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
web gateway vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2015-6548
Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors....
Symantec Web Gateway
7.9
CVSSv2
CVE-2015-5693
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to "traffic capture."...
Symantec Web Gateway
4.1
CVSSv2
CVE-2020-7295
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected log data via improper access controls in the user interface....
Mcafee Web Gateway
4.3
CVSSv2
CVE-2020-7292
Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows a remote attacker to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious URL....
Mcafee Web Gateway
8.5
CVSSv2
CVE-2015-5690
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging a "redirect."...
Symantec Web Gateway
10
CVSSv2
CVE-2017-18001
Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI....
Trustwave Secure Web Gateway
1 EDB exploit available
5
CVSSv2
CVE-2012-2212
** DISPUTED ** McAfee Web Gateway 7.0 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher did not provide...
Mcafee Web Gateway 7.0.0
1 Github repository available
5
CVSSv2
CVE-2019-3581
Improper input validation in the proxy component of McAfee Web Gateway 7.8.2.0 and later allows remote attackers to cause a denial of service via a crafted HTTP request parameter....
Mcafee Mcafee Web Gateway
9
CVSSv2
CVE-2021-23885
Privilege escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page....
Mcafee Web Gateway
4
CVSSv2
CVE-2014-2535
Directory traversal vulnerability in McAfee Web Gateway (MWG) 7.4.x before 7.4.1, 7.3.x before 7.3.2.6, and 7.2.0.9 and earlier allows remote authenticated users to read arbitrary files via a crafted request to the web filtering port....
Mcafee Web Gateway
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2021-21973
mass assignment
CVE-2021-1396
CVE-2018-19518
CVE-2020-28599
deserialization
CVE-2021-1230
CVE-2021-26681
« PREV
1
2
3
4
5
6
7
8
NEXT »
Vulmon