5 results (0.009 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to an Elevation of Privilege vulnerability. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22217 •

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Stored Cross-Site Scripting vulnerability. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22217 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Command Injection vulnerability. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22217 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0

Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Server-Side Request Forgery vulnerability. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22217 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 10.0EPSS: 4%CPEs: 49EXPL: 0

Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. • http://marc.info/?l=full-disclosure&m=113803349715927&w=2 http://secunia.com/advisories/18591 http://securityreason.com/securityalert/380 http://securitytracker.com/id?1015526 http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376 http://www.osvdb.org/22688 http://www.securityfocus.com/archive/1/423288/100/0/threaded http://www.securityfocus.com/archive/1/423403/100/0/threaded http:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •