Lucene search
K
ForcepointEmail Security

8 matches found

CVE
CVE
added 2021/04/08 9:32 p.m.80 views

CVE-2020-6590

CVE-2020-6590 affects Forcepoint Web Security Content Gateway versions prior to 8.5.4, where improper processing of XML input leads to information disclosure. The issue is rooted in XML handling (XML input processing) and can be triggered remotely over the network with low attack complexity; no u...

7.5CVSS7.2AI score0.01046EPSS
CVE
CVE
added 2022/09/12 6:7 p.m.69 views

CVE-2022-1700

CVE-2022-1700 is an XXE vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP). The XML parser was configured to allow external entities/DTDs, affecting DLP versions before 8.8.2 and related products: Forcepoint One Endpoint (Policy Engine before 8.8.2), Forcepoint Web Securi...

9.8CVSS9.2AI score0.00699EPSS
CVE
CVE
added 2019/04/09 8:51 p.m.57 views

CVE-2019-6140

Forcepoint Email Security 8.4.x and 8.5.x are affected by a configuration issue that leaves the product vulnerable if the hybrid registration process is not completed. The CVE-2019-6140 entry is described as a high-severity configuration flaw (CVSS v3.1: 9.8, CRITICAL) with the impact stated as p...

9.8CVSS9.3AI score0.01394EPSS
CVE
CVE
added 2024/09/04 9:37 p.m.57 views

CVE-2024-2166

CVE-2024-2166 affects Forcepoint Email Security (Real Time Monitor modules). Root cause: improper neutralization of input during web page generation, leading to a reflected cross-site scripting (XSS) vulnerability. Affected product version: Email Security prior to 8.5.5 HF003. CVSS details from N...

8.8CVSS8.7AI score0.00294EPSS
CVE
CVE
added 2023/06/15 10:18 p.m.50 views

CVE-2023-2080

CVE-2023-2080 covers an SQL injection issue in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway and Email Security Cloud. The root cause cited is improper neutralization of special elements used in an SQL command, leading to Blind SQL Injection. Documents indicate affe...

9.8CVSS9.7AI score0.00511EPSS
CVE
CVE
added 2019/04/09 6:47 p.m.45 views

CVE-2018-16530

The CVE-2018-16530 entry concerns Forcepoint Email Security version 8.5, where a stack-based buffer overflow in the product allows crafting input that can crash a process and cause a denial-of-service. The description notes that while no known Remote Code Execution (RCE) vulnerabilities exist, th...

9.8CVSS9.9AI score0.03444EPSS
CVE
CVE
added 2019/11/05 8:49 p.m.45 views

CVE-2019-6142

The CVE-2019-6142 entry concerns Forcepoint Email Security, specifically versions 8.5 through 8.5.3, where a cross-site scripting (XSS) vulnerability exists. The connected documents describe a web-application flaw that lacks proper validation of client-side data, enabling potential client-side co...

6.1CVSS5.9AI score0.00641EPSS
CVE
CVE
added 2019/03/28 4:2 p.m.44 views

CVE-2018-16529

CVE-2018-16529 affects Forcepoint Email Security 8.5.x. A password-reset flow flaw allows the password-reset URL to be usable after its intended expiration or after it has already been used, enabling account compromise without additional authentication. NVD metrics indicate a high impact on confi...

9.8CVSS9.3AI score0.01558EPSS