CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-29714
https://notcve.org/view.php?id=CVE-2023-29714
Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via the username, password, and language cookies parameter. • https://info.vadesecure.com/hubfs/Ressource%20Marketing%20Website/Datasheet/EN/Vade_Secure_DS_Gateway_EN.pdf https://labs.yarix.com/advisories/cve-2023-29714-dom-based-xss-in-vade-secure-gateway https://www.vadesecure.com/en • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-29712
https://notcve.org/view.php?id=CVE-2023-29712
Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the X-Rewrite-URL parameter. • https://info.vadesecure.com/hubfs/Ressource%20Marketing%20Website/Datasheet/EN/Vade_Secure_DS_Gateway_EN.pdf https://labs.yarix.com/2023/05/vade-secure-gateway-multiple-xss-cve-2023-29712-cve-2023-29713-cve-2023-29714 https://www.vadesecure.com/en • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-29713
https://notcve.org/view.php?id=CVE-2023-29713
Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the GET request after the /css/ directory. • https://info.vadesecure.com/hubfs/Ressource%20Marketing%20Website/Datasheet/EN/Vade_Secure_DS_Gateway_EN.pdf https://labs.yarix.com/advisories/cve-2023-29713-reflected-xss-in-vade-secure-gateway https://www.vadesecure.com/en • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 2%CPEs: 2EXPL: 0CVE-2009-2214
https://notcve.org/view.php?id=CVE-2009-2214
The Secure Gateway service in Citrix Secure Gateway 3.1 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an unspecified request. El servicio Secure Gateway en Citrix Secure Gateway v3.1 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (agotamiento de CPU) mediante una petición no especificada. • http://secunia.com/advisories/35503 http://support.citrix.com/article/CTX121172 http://www.securityfocus.com/bid/35421 http://www.securitytracker.com/id?1022420 http://www.vupen.com/english/advisories/2009/1633 https://exchange.xforce.ibmcloud.com/vulnerabilities/51216 • CWE-399: Resource Management Errors •