CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

38 matches found

RedhatCVE•added 2025/02/05 1:14 a.m.•6 views

CVE-2024-20260

A vulnerability in the VPN and management web servers of the Cisco Adaptive Security Virtual Appliance ASAv and Cisco Secure Firewall Threat Defense Virtual FTDv, formerly Cisco Firepower Threat Defense Virtual, platforms could allow an unauthenticated, remote attacker to cause the virtual device...

8.6CVSS7.2AI score0.00625EPSS

Exploits0References1

Cisco•added 2024/10/23 4:0 p.m.•13 views

Cisco Adaptive Security Virtual Appliance and Secure Firewall Threat Defense Virtual SSL VPN Denial of Service Vulnerability

8.6CVSS8.6AI score0.00625EPSS

Exploits0References1

CNNVD•added 2024/10/23 12:0 a.m.•6 views

Cisco Firepower Threat Defense和Cisco Adaptive Security Virtual Appliance 安全漏洞

Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Virtual Appliance are both products of Cisco, Inc.Cisco Firepower Threat Defense is a suite of next-generation firewall services that provide Cisco Adaptive Security Virtual Appliance is a virtualized version of Cisco ASA Adaptive...

8.6CVSS6.8AI score0.00625EPSS

Exploits0References2

OSV•added 2020/12/17 9:15 p.m.•3 views

CVE-2020-8465

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSRF bypass CVE-2020-8461 and authentication bypass CVE-2020-8464 to execute code as user root...

9.8CVSS7.3AI score0.02574EPSS

Exploits2References2

NVD•added 2020/12/17 9:15 p.m.•21 views

CVE-2020-27010

A cross-site scripting XSS vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product in a manner separate from the similar CVE-2020-8462...

4.8CVSS4.9AI score0.00713EPSS

Exploits0References1

Cvelist•added 2020/12/17 9:5 p.m.•24 views

CVE-2020-8463

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to bypass a global authorization check for anonymous users by manipulating request paths...

7.5AI score0.05908EPSS

Exploits2References2

Cvelist•added 2020/12/17 9:5 p.m.•29 views

CVE-2020-27010

4.9AI score0.00713EPSS

Exploits0References1

OSV•added 2020/11/09 11:15 p.m.•5 views

CVE-2020-27017

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to an XML External Entity Processing XXE vulnerability which could allow an authenticated administrator to read arbitrary local files. An attacker must already have obtained product administrator/root privileges to...

4.9CVSS5.9AI score0.06392EPSS

Exploits2References2

OSV•added 2020/11/09 11:15 p.m.•4 views

CVE-2020-27019

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key...

5.5CVSS5.8AI score0.17884EPSS

Exploits2References2

CNVD•added 2020/11/06 12:0 a.m.•7 views

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) Cross-Site Request Forgery Vulnerability

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA is an appliance for securing communications from Trend Micro. The Trend Micro InterScan Messaging Security Virtual Appliance IMSVA suffers from a cross-site request forgery vulnerability that arises from a web application that does...

8.8CVSS6.7AI score0.01875EPSS

Exploits2References1

OSV•added 2020/05/27 11:15 p.m.•2 views

CVE-2020-8606

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance...

9.8CVSS7.3AI score0.7274EPSS

Exploits7References4

NVD•added 2020/05/27 11:15 p.m.•19 views

CVE-2020-8604

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations...

7.5CVSS7.9AI score0.89661EPSS

Exploits7References4

NVD•added 2020/05/27 11:15 p.m.•19 views

CVE-2020-8603

A cross-site scripting vulnerability XSS in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web interface of affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or...

6.1CVSS6AI score0.01976EPSS

Exploits0References2

0day.today•added 2019/08/12 12:0 a.m.•100 views

Cisco Adaptive Security Appliance - Path Traversal Exploit

Exploit for hardware platform in category web applications require 'msf/core' class MetasploitModule "Cisco Adaptive Security Appliance - Path Traversal", 'Description' = %q Cisco Adaptive Security Appliance - Path Traversal CVE-2018-0296 A security vulnerability in Cisco ASA that would allow an...

5CVSS0.3AI score0.99903EPSS

Exploits18

Check Point Advisories•added 2018/05/02 12:0 a.m.•4 views

Trend Micro IMSVA Management Portal Authentication Bypass (CVE-2018-3609)

An authentication bypass exists in Trend Micro InterScan Mail Security Virtual Appliance. The vulnerability is due to insufficient protection of a log file containing session credentials for authenticated users...

4.3CVSS3.8AI score0.21826EPSS

Exploits1

NVD•added 2018/02/16 10:29 p.m.•15 views

CVE-2018-3609

A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations...

8.1CVSS8.1AI score0.21826EPSS

Exploits1References4

OSV•added 2017/09/22 4:29 p.m.•4 views

CVE-2017-11396

Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console to implement remote code injections...

7.2CVSS6AI score0.03196EPSS

Exploits0References1

NVD•added 2017/04/20 10:59 p.m.•16 views

CVE-2017-6609

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...

7.7CVSS7.6AI score0.02842EPSS

Exploits0References3

Cvelist•added 2017/04/20 10:0 p.m.•22 views

CVE-2017-6609

7.6AI score0.02842EPSS

Exploits0References3

CVE•added 2017/04/20 10:0 p.m.•57 views

CVE-2017-6607

The CVE-2017-6607 issue affects Cisco ASA Software DNS handling. A crafted DNS response can be used by an unauthenticated remote attacker to cause the device to reload or corrupt its local DNS cache, leading to DoS or cache corruption. Impact applies to ASA in routed or transparent firewall mode,...

8.7CVSS8.7AI score0.02392EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by