web gateway vulnerabilities and exploits

(subscribe to this query)

4.3

CVSSv2

Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.2 allow remote attackers to inject arbitrary web script or HTML via (1) vectors involving PHP scripts and (2) unspecified other vectors....

Symantec Web Gateway

4.3

CVSSv2

Cross-site scripting (XSS) vulnerability in McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to the McAfee Security...

Mcafee Email And Web Security 5.5 Mcafee Email And Web Security 5.6 Mcafee Email Gateway 7.0.0 Mcafee Email Gateway 7.0.1

7.5

CVSSv2

Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remote attackers to execute arbitrary code via Java management extensions (JMX)....

Mcafee Mcafee Web Gateway

7.5

CVSSv2

SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter....

Symantec Web Gateway 5.0.3.181 EDB exploit available

7.5

CVSSv2

The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and...

Websense Websense Web Filter Websense Websense Web Security 7.1 Websense Websense Web Security 7.1.1 Websense Websense Web Security 7.5 Websense Websense Web Security 7.5.1 Websense Websense Web Security 7.6 Websense Websense Web Security 7.6.2 Websense Websense Web Security Gateway Websense Websense Web Security Gateway Anywhere

5

CVSSv2

Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling...

Cisco Ace Web Application Firewall 6.0\\(0\\)Cisco Ace Web Application Firewall 6.0\\(1\\)Cisco Ace Web Application Firewall 6.0\\(2\\)Cisco Ace Web Application Firewall Cisco Ace Xml Gateway 6.0\\(0\\)Cisco Ace Xml Gateway 6.0\\(1\\)Cisco Ace Xml Gateway 6.0\\(2\\)Cisco Ace Xml Gateway1 EDB exploit available

7.5

CVSSv2

McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote attackers to bypass authentication and obtain an admin session ID via unspecified vectors....

Mcafee Email And Web Security 5.5 Mcafee Email And Web Security 5.6 Mcafee Email Gateway 7.0.0 Mcafee Email Gateway 7.0.1

3.5

CVSSv2

The Settings module in Websense Triton Unified Security Center 7.7.3 before Hotfix 31, Web Filter 7.7.3 before Hotfix 31, Web Security 7.7.3 before Hotfix 31, Web Security Gateway 7.7.3 before Hotfix 31, and Web Security Gateway Anywhere 7.7.3 before Hotfix 31 allows remote...

Websense Triton Unified Security Center 7.7.3 Websense Triton Web Filter 7.7.3 Websense Triton Web Security 7.7.3 Websense Triton Web Security Gateway 7.7.3 Websense Triton Web Security Gateway Anywhere 7.7.31 Github repository available

6.5

CVSSv2

Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors....

Mcafee Mcafee Web Gateway 7.8.1.0

9

CVSSv2

Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors....

Mcafee Mcafee Web Gateway 7.8.1.0

« PREV 1 2 3 4 5 6 7 8 9 10 NEXT »