Max CVSS 10.0 Min CVSS 4.3 Total Count22
IDCVSSSummaryLast (major) updatePublished
CVE-2014-3566 4.3
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
23-03-2017 - 21:59 14-10-2014 - 20:55
CVE-2014-0224 6.8
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL
18-01-2017 - 21:59 05-06-2014 - 17:55
CVE-2014-6271 10.0
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceComman
06-01-2017 - 22:00 24-09-2014 - 14:48
CVE-2014-0160 5.0
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer ov
06-01-2017 - 21:59 07-04-2014 - 18:55
CVE-2015-0235 10.0
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu
02-01-2017 - 21:59 28-01-2015 - 14:59
CVE-2015-2773 5.0
SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to read arbitrary files via unspecified vectors.
02-12-2016 - 22:06 27-03-2015 - 10:59
CVE-2015-2772 7.5
SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to upload arbitrary files via unspecified vectors.
02-12-2016 - 22:06 27-03-2015 - 10:59
CVE-2015-2771 5.0
The Mail Server in Websense TRITON AP-EMAIL and V-Series appliances before 8.0.0 uses plaintext credentials, which allows remote attackers to obtain sensitive information via unspecified vectors.
02-12-2016 - 22:06 27-03-2015 - 10:59
CVE-2015-2768 4.3
Cross-site scripting (XSS) vulnerability in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
02-12-2016 - 22:06 27-03-2015 - 10:59
CVE-2015-2767 10.0
Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to "Autocomplete Enabled."
02-12-2016 - 22:06 27-03-2015 - 10:59
CVE-2015-2766 5.0
The Personal Email Manager (PEM) in Websense TRITON AP-EMAIL before 8.0.0 allows attackers to have unspecified impact via a brute force attack.
02-12-2016 - 22:06 27-03-2015 - 10:59
CVE-2015-2765 4.3
The Email Security Gateway in Websense TRITON AP-EMAIL before 8.0.0 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
02-12-2016 - 22:06 27-03-2015 - 10:59
CVE-2015-2764 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-DATA before 8.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the DSS (1) Mobile or (2) DLP report catalog.
02-12-2016 - 22:06 27-03-2015 - 10:59
CVE-2015-2763 10.0
Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to port 17703.
02-12-2016 - 22:06 27-03-2015 - 10:59
CVE-2015-2762 5.0
Websense TRITON AP-WEB before 8.0.0 allows remote attackers to enumerate Windows domain user accounts via vectors related to HTTP authentication.
02-12-2016 - 22:06 27-03-2015 - 10:59
CVE-2015-2761 4.3
Cross-site scripting (XSS) vulnerability in the Exceptions and Scanning Exceptions Pages in Websense TRITON AP-WEB before 8.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
02-12-2016 - 22:06 27-03-2015 - 10:59
CVE-2015-2702 4.3
Cross-site scripting (XSS) vulnerability in the Message Log in the Email Security Gateway in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows remote attackers to inject arbitrary web script or HTML via the sender address in an
02-12-2016 - 22:05 25-03-2015 - 10:59
CVE-2015-2770 6.8
Cross-site request forgery (CSRF) vulnerability in the command line page in Websense TRITON V-Series appliances before 8.0.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
30-03-2015 - 15:46 27-03-2015 - 10:59
CVE-2015-2769 6.8
Multiple cross-site request forgery (CSRF) vulnerabilities in the Personal Email Manager (PEM) in Websense TRITON AP-EMAIL before 8.0.0 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
30-03-2015 - 15:46 27-03-2015 - 10:59
CVE-2015-2748 5.0
Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote attackers to obtain sensitive information via a direct request to a (1) Web Security incident report or the (2) Explorer configuratio
27-03-2015 - 14:11 26-03-2015 - 10:59
CVE-2015-2703 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-WEB before 8.0.0 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via the (1) ws-userip in the ws-encdata parameter to cve-bin/moreBloc
26-03-2015 - 14:29 25-03-2015 - 10:59
CVE-2014-9711 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0 and Web Security and Filter, Web Security Gateway, and Web Security Gateway Anywhere 7.8.3 before Hotfix 02 and 7.8.4 before Hotfi
26-03-2015 - 13:35 25-03-2015 - 10:59
Back to Top Mark selected
Back to Top