6 matches found
CVE-2014-0160
CVE-2014-0160 (Heartbleed) is an information-disclosure vulnerability in OpenSSL’s TLS/DTLS heartbeat implementation. Affected: OpenSSL 1.0.1 before 1.0.1g. Root cause: improper handling of the Heartbeat extension (d1_both.c, t1_lib.c) leading to a buffer over-read, enabling an attacker to read m...
CVE-2020-12594
CVE-2020-12594 affects Symantec Messaging Gateway (SMG) appliances prior to version 10.7.4. The issue is a privilege-escalation vulnerability: an authenticated, privileged CLI user can elevate privileges to gain full control over the SMG system. Affected component/condition: CLI access within SMG...
CVE-2021-30651
CVE-2021-30651 relates to Broadcom Symantec Messaging Gateway (SMG). An authenticated SMG administrator can obtain passwords for external LDAP/Active Directory servers, representing an information disclosure vulnerability. The NVD entry records network access with authenticated, low complexity co...
CVE-2020-12595
CVE-2020-12595 concerns Symantec Messaging Gateway (SMG). The vulnerability is an information disclosure in which a malicious, authenticated, privileged web UI user can obtain the password for a remote SCP backup server they would not normally access. Affects SMG before version 10.7.4. Connected ...
CVE-2024-23614
CVE-2024-23614 describes a buffer overflow in Symantec Messaging Gateway (SMG) 9.5 and earlier . The vulnerability allows a remote, anonymous attacker to achieve remote code execution as root . Public sources consistently identify the affected software and generic impact; there are no concrete ex...
CVE-2024-23615
Symantec Messaging Gateway CVE-2024-23615 is a buffer overflow affecting versions 10.5 and earlier. A remote, anonymous attacker can trigger remote code execution as root. Public descriptions reiterate the same impact; no exploits or detailed vectors are provided in the supplied documents. PT-202...