257 matches found
PT-2025-22462 · Forcepoint · Forcepoint Fie Endpoint
Name of the Vulnerable Software and Affected Versions: Forcepoint FIE Endpoint versions prior to 25.05 Description: The issue is related to an Uncontrolled Search Path Element vulnerability, which allows for Privilege Escalation, Code Injection, and Hijacking a privileged process. Recommendations...
Forcepoint FIE Endpoint 安全漏洞
Forcepoint FIE Endpoint is a unified endpoint security platform from Forcepoint USA that integrates various Forcepoint agents into a single interface to simplify deployment and management. A security vulnerability exists in Forcepoint FIE Endpoint versions prior to 25.05 that stems from an...
CVE-2024-9103
Improper Neutralization of Script in Attributes in a Web Page vulnerability in Forcepoint Email Security Blocked Messages module allows Stored XSS. This issue affects Email Security through 8.5.5...
CVE-2024-9103
CVE-2024-9103 affects Forcepoint Email Security (Blocked Messages module) with improper neutralization of script in web page attributes, enabling Stored XSS and impacting Email Security up to version 8.5.5. The vulnerability is documented across multiple feeds (NVD, Red Hat, CVE List, VulnEnrichm...
CVE-2024-9103 Persistent XSS in blocked messages
Improper Neutralization of Script in Attributes in a Web Page vulnerability in Forcepoint Email Security Blocked Messages module allows Stored XSS. This issue affects Email Security through 8.5.5...
CVE-2024-9103 Persistent XSS in blocked messages
Improper Neutralization of Script in Attributes in a Web Page vulnerability in Forcepoint Email Security Blocked Messages module allows Stored XSS. This issue affects Email Security through 8.5.5...
Forcepoint Email Security 安全漏洞
Forcepoint Email Security is a suite of email protection solutions from US-based Forcepoint. The product includes features such as spam filtering, malware detection, phishing protection, and protection against intrusion BEC attacks. A security vulnerability exists in Forcepoint Email Security 8.5...
CVE-2022-1700
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in the Policy Engine of Forcepoint Data Loss Prevention DLP, which is also leveraged by Forcepoint One Endpoint F1E, Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20...
Bumblebee and Latrodectus Malware Return with Sophisticated Phishing Strategies
Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have resurfaced as part of new phishing campaigns. Bumblebee and Latrodectus, which are both malware loaders, are designed to steal personal data, along with downloading and...
CVE-2024-2166
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Email Security Real Time Monitor modules allows Reflected XSS.This issue affects Email Security: before 8.5.5 HF003...
CVE-2024-2166
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Email Security Real Time Monitor modules allows Reflected XSS.This issue affects Email Security: before 8.5.5 HF003...
CVE-2024-2166
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Email Security Real Time Monitor modules allows Reflected XSS.This issue affects Email Security: before 8.5.5 HF003...
CVE-2024-2166
CVE-2024-2166 affects Forcepoint Email Security (Real Time Monitor modules). Root cause: improper neutralization of input during web page generation, leading to a reflected cross-site scripting (XSS) vulnerability. Affected product version: Email Security prior to 8.5.5 HF003. CVSS details from N...
CVE-2024-2166
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Email Security Real Time Monitor modules allows Reflected XSS.This issue affects Email Security: before 8.5.5 HF003...
Forcepoint Email Security 安全漏洞
Forcepoint Email Security is a suite of email protection solutions from US-based Forcepoint. The product includes features such as spam filtering, malware detection, phishing protection, and protection against intrusion BEC attacks. A security vulnerability exists in Forcepoint Email Security...
CVE-2023-6452
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Web Security Transaction Viewer allows Stored XSS. The Forcepoint Web Security portal allows administrators to generate detailed reports on user requests made through the Web proxy. It h...
CVE-2023-6452
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Web Security Transaction Viewer allows Stored XSS. The Forcepoint Web Security portal allows administrators to generate detailed reports on user requests made through the Web proxy. It h...
CVE-2023-6452
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Web Security Transaction Viewer allows Stored XSS. The Forcepoint Web Security portal allows administrators to generate detailed reports on user requests made through the Web proxy. It h...
CVE-2023-6452
CVE-2023-6452 describes a Stored XSS in Forcepoint Web Security (Transaction Viewer) where the vulnerable target is the "user agent" field. The root cause is Improper Neutralization of Input During Web Page Generation, enabling an attacker that can route traffic through the Forcepoint proxy to ex...
Forcepoint Web Security 安全漏洞
Forcepoint Web Security is a security platform from US-based Forcepoint, Inc. It provides robust protection through content-aware defense as well as cloud application discovery and monitoring. A security vulnerability exists in Forcepoint Web Security that stems from the inclusion of a cross-site...