Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Messaging_gateway
(Symantec)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 25 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-12-09 | CVE-2022-25630 | An authenticated user can embed malicious content with XSS into the admin group policy page. | Messaging_gateway | 5.4 | ||
| 2022-12-09 | CVE-2022-25629 | An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column). | Messaging_gateway | 5.4 | ||
| 2017-04-14 | CVE-2016-5309 | The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for... | Symantec_data_center_security_server, Advanced_threat_protection, Csapi, Email_security\.cloud, Endpoint_protection, Endpoint_protection_cloud, Endpoint_protection_for_small_business, Mail_security_for_domino, Mail_security_for_microsoft_exchange, Messaging_gateway, Messaging_gateway_for_service_providers, Protection_engine, Protection_for_sharepoint_servers, Web_gateway, Web_security\.cloud | 5.5 | ||
| 2017-04-14 | CVE-2016-5310 | The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for... | Symantec_data_center_security_server, Advanced_threat_protection, Csapi, Email_security\.cloud, Endpoint_protection, Endpoint_protection_cloud, Endpoint_protection_for_small_business, Mail_security_for_domino, Mail_security_for_microsoft_exchange, Messaging_gateway, Messaging_gateway_for_service_providers, Protection_engine, Protection_for_sharepoint_servers, Web_gateway, Web_security\.cloud | 5.5 | ||
| 2019-10-24 | CVE-2019-9699 | Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. | Messaging_gateway | 4.5 | ||
| 2020-02-21 | CVE-2012-6277 | Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to... | Autonomy_keyview_idol, Domino, Notes, Data_loss_prevention_endpoint, Data_loss_prevention_enforce\/detection_servers, Mail_security, Messaging_gateway | N/A | ||
| 2019-12-11 | CVE-2019-18379 | Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface. | Messaging_gateway | N/A | ||
| 2019-12-11 | CVE-2019-18378 | Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy. | Messaging_gateway | N/A | ||
| 2019-12-11 | CVE-2019-18377 | Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | Messaging_gateway | N/A | ||
| 2017-06-26 | CVE-2017-6326 | The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. | Messaging_gateway | 10.0 |