24 matches found
Adobe DNG File Security Scanner
This program is a defensive security tool designed to analyze DNG Digital Negative image files and detect potential signs of malicious manipulation or exploit attempts. It performs a low-level inspection of the file structure by parsing the TIFF header and scanning raw binary content for suspicio...
EUVD-2002-0437
Malware in sbrugna...
CVE-2025-32019
Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Versions 2.11.2 and below, as well as versions 2.12.0-rc1 and 2.13.0-rc1, contain a vulnerability where the markdown field in the info tab page can be exploited to inject XSS code. This is fixed ...
CVE-2024-20401
A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system. This vulnerability is due to improper handling of email attachments when file...
Cisco Secure Email Gateway Arbitrary File Write Vulnerability
A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system. This vulnerability is due to improper handling of email attachments when file...
PT-2024-4846 · Cisco · Cisco Secure Email Gateway
Name of the Vulnerable Software and Affected Versions: Cisco Secure Email Gateway affected versions not specified Description: A vulnerability in the content scanning and message filtering features could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying...
Input validation
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of zip files. An...
CVE-2020-3134 Cisco Email Security Appliance Zip Decompression Engine Denial of Service Vulnerability
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of zip files. An...
CVE-2020-3134 Cisco Email Security Appliance Zip Decompression Engine Denial of Service Vulnerability
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of zip files. An...
Cisco Email Security Appliance zip decompression engine denial of service vulnerability
The Cisco Email Security Appliance ESA is an all-in-one appliance that defends against spam, advanced malware, phishing, and data loss.Cisco AsyncOS is the base operating system OS, device drivers, memory management, process scheduling, and a collection of all application and scanning software. A...
Cisco Email Security Appliance Zip Decompression Engine Denial of Service Vulnerability
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of zip files. An...
CVE-2017-3800
A vulnerability in the content scanning engine of Cisco AsyncOS Software for Cisco Email Security Appliances ESA could allow an unauthenticated, remote attacker to bypass configured message or content filters on the device. Affected Products: This vulnerability affects all releases prior to the...
CVE-2017-3800
A vulnerability in the content scanning engine of Cisco AsyncOS Software for Cisco Email Security Appliances ESA could allow an unauthenticated, remote attacker to bypass configured message or content filters on the device. Affected Products: This vulnerability affects all releases prior to the...
CVE-2017-3800
A vulnerability in the content scanning engine of Cisco AsyncOS Software for Cisco Email Security Appliances ESA could allow an unauthenticated, remote attacker to bypass configured message or content filters on the device. Affected Products: This vulnerability affects all releases prior to the...
CVE-2017-3800
CVE-2017-3800 affects Cisco AsyncOS for the Email Security Appliance (ESA) content scanning engine. An unauthenticated, remote attacker could bypass configured message or content filters on attachments. Affected releases are all prior to the first fixed AsyncOS release; known affected: 9.7.1-066,...
Cisco Email Security Appliance Filter Bypass Vulnerability
A vulnerability in the content scanning engine of Cisco AsyncOS Software for Cisco Email Security Appliances ESA could allow an unauthenticated, remote attacker to bypass configured message or content filters on the device. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be...
Cisco Email Security Appliance Filter Bypass Vulnerability
A vulnerability in the content scanning engine of Cisco AsyncOS Software for Cisco Email Security Appliances ESA could allow an unauthenticated, remote attacker to bypass configured message or content filters on the device. The vulnerability is due to incomplete input validation of email message...
Cisco IOS Software ScanSafe Vulnerability
A vulnerability in the content scanning module of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability occurs when processing HTTPS packets that need to be redirected to a ScanSafe tower. An attacker could exploit this...
GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability
GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability Date & Version : 04/14/2007 - 1.0 Description : Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious content to bypass HTTP content...
HTTP content scanning systems full-width/half-width Unicode encoding bypass
Overview Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious HTTP traffic to bypass content scanning systems. Description Full-width and half-width encoding is a technique for encoding Unicode characters. Various HTTP...