Lucene search
K

91 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-4531

Malware in sbrugna...

9.8CVSS9.5AI score0.30274EPSS
Exploits3References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-14024

Malware in sbrugna...

9.8CVSS9.4AI score0.03764EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/08/13 10:28 p.m.19 views

CVE-2025-25235

Server-Side Request Forgery SSRF in Omnissa Secure Email Gateway SEG in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks...

8.6CVSS7.2AI score0.00276EPSS
Exploits0References1
NVD
NVD
added 2025/08/11 10:15 p.m.8 views

CVE-2025-25235

Server-Side Request Forgery SSRF in Omnissa Secure Email Gateway SEG in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks...

8.6CVSS0.00276EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/11 9:47 p.m.7 views

CVE-2025-25235 Omnissa Secure Email Gateway (SEG) updates address Server-Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF in Omnissa Secure Email Gateway SEG in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks...

8.6CVSS0.00276EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/11 9:47 p.m.3 views

CVE-2025-25235 Omnissa Secure Email Gateway (SEG) updates address Server-Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF in Omnissa Secure Email Gateway SEG in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks...

8.6CVSS7.1AI score0.00276EPSS
Exploits0References1
CVE
CVE
added 2025/08/11 9:47 p.m.18 views

CVE-2025-25235

CVE-2025-25235 describes a Server-Side Request Forgery (SSRF) in Omnissa Secure Email Gateway (SEG). The vulnerability affects SEG on Windows prior to 2.32 and SEG on UAG prior to 2503, enabling an attacker to route internal-network traffic (e.g., HTTP requests) through the gateway. The CVSS 3.1 ...

8.6CVSS7.1AI score0.00276EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/11 12:0 a.m.8 views

PT-2025-32587 · Omnissa · Omnissa Secure Email Gateway +1

Name of the Vulnerable Software and Affected Versions: Omnissa Secure Email Gateway SEG versions prior to 2.32 Windows Omnissa Secure Email Gateway SEG versions prior to 2503 UAG Description: This issue is a Server-Side Request Forgery SSRF that allows routing of network traffic, such as HTTP...

8.6CVSS6.2AI score0.00276EPSS
Exploits0References7
Packet Storm News
Packet Storm News
added 2025/04/17 12:0 a.m.4 views

Omnissa Unified Access Gateway (UAG) CORS Bypass

A cross-origin resource sharing bypass vulnerability was privately reported in Omnissa Unified Access Gateway UAG. An update is available to remediate this vulnerability in impacted versions of the product. The fixed version is 2503...

7.5CVSS7AI score0.00239EPSS
Exploits0
hivepro
hivepro
added 2022/06/29 6:36 a.m.14 views

Unknown threat groups continues to exploit Log4j in VMware Products

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary An unknown APT group is exploiting the Log4j vulnerability that is affecting VMware Horizon and Unified Access Gateway UAG servers to compromise the system and take over the entire network by deploying malware...

2.9AI score
Exploits0
VMware
VMware
added 2021/12/10 12:0 a.m.62 views

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products Under Evaluation VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Proxy VMware vRealize Automation VMware...

9.3CVSS0.4AI score0.99999EPSS
Exploits353References4Affected Software51
VMware
VMware
added 2021/12/10 12:0 a.m.110 views

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...

9.3CVSS0.4AI score0.99999EPSS
Exploits355References4Affected Software55
VMware
VMware
added 2021/12/10 12:0 a.m.153 views

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...

9.3CVSS0.4AI score0.99999EPSS
Exploits355References4Affected Software55
VMware
VMware
added 2021/12/10 12:0 a.m.152 views

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...

9.3CVSS0.4AI score0.99999EPSS
Exploits355References4Affected Software54
Microsoft KB
Microsoft KB
added 2019/11/06 2:31 a.m.31 views

MS10-089: Vulnerabilities in Forefront Unified Access Gateway and Microsoft Intelligent Application Gateway could cause elevation of privilege

Resolves vulnerabilities in Forefront Unified Access Gateway UAG that could allow elevation of privilege if a user visits an affected Web site using a specially crafted URL.INTRODUCTIONMicrosoft has released security bulletin MS10-089. To view the complete security bulletin, visit the following...

5.8CVSS0.2AI score0.19111EPSS
Exploits0
OSV
OSV
added 2019/06/27 3:15 p.m.4 views

CVE-2019-12581

A reflective Cross-site scripting XSS vulnerability in the freetimefailed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter...

6.1CVSS6.5AI score0.064EPSS
Exploits1References4
OSV
OSV
added 2018/07/05 8:29 p.m.4 views

CVE-2018-12571

uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the origurl parameter, possibly causing a traffic amplification and/or SSRF outcome...

9.8CVSS5.9AI score0.30274EPSS
Exploits3References4
NVD
NVD
added 2018/07/05 8:29 p.m.29 views

CVE-2018-12571

uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the origurl parameter, possibly causing a traffic amplification and/or SSRF outcome...

9.8CVSS9.4AI score0.30274EPSS
Exploits3References4
Cvelist
Cvelist
added 2018/07/05 8:0 p.m.37 views

CVE-2018-12571

uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the origurl parameter, possibly causing a traffic amplification and/or SSRF outcome...

9.4AI score0.30274EPSS
Exploits3References4
CVE
CVE
added 2018/07/05 8:0 p.m.46 views

CVE-2018-12571

CVE-2018-12571 affects Microsoft Forefront Unified Access Gateway 2010. The vulnerability arises in uniquesig0/InternalSite/InitParams.aspx where a comma-separated orig_url list can trigger outbound DNS queries to arbitrary hosts, enabling potential traffic amplification and/or SSRF. POCs and dis...

9.8CVSS9.2AI score0.30274EPSS
Exploits3References4Affected Software1
Rows per page
Query Builder