← Back

Forcepoint

forcepoint

24 CVEs • 15 products

Products (15)

Click to collapse
Toggle
Email Security
email_security
8 CVEs
Web Security
web_security
5 CVEs
Cloud Security Gateway
cloud_security_gateway
4 CVEs
Next Generation Firewall
next_generation_firewall
3 CVEs
One Endpoint
one_endpoint
3 CVEs
Data Loss Prevention
data_loss_prevention
2 CVEs
Web Security Content Gateway
web_security_content_gateway
2 CVEs
Stonegate
stonegate
1 CVE
User Id
user_id
1 CVE
Vpn Client
vpn_client
1 CVE
Security Manager
security_manager
1 CVE
Next Generation Firewall Security Management Center
next_generation_firewall_security_management_center
1 CVE
One Endpoint With Policy Engine
one_endpoint_with_policy_engine
1 CVE
One Smartedge Agent
one_smartedge_agent
1 CVE
One Data Loss Prevention
one_data_loss_prevention
1 CVE

CVEs (24)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-16530
1Forcepoint
1Email Security
Nov 21, 2024
Apr 9, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process creating a denial-of-service. While no known Remote Code Execution (RCE)...Show more
A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process creating a denial-of-service. While no known Remote Code Execution (RCE) vulnerabilities exist, as with all buffer overflows, the possibility of RCE cannot be completely ruled out. Data Execution Protection (DEP) is already enabled on the Email appliance as a risk mitigation.Show less
CVE-2018-16529
1Forcepoint
1Email Security
Nov 21, 2024
Mar 28, 2019
N/A· v4
9.8 CRITICAL· v3
5.0 MEDIUM· v2
A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the URL has already been used to reset a password.
CVE-2019-6139
1Forcepoint
1User Id
Nov 21, 2024
Feb 7, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnera...Show more
Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on FUID versions 1.2 and below, apply local firewall rules on the FUID server to disable all external access to port TCP/5001. FUID requires this port only for local connections through the loopback interface.Show less
CVE-2004-0112
244d
AppleAvaya+21 more
65Aaa Server
Access RegistrarApache Based Web Server+62 more
Apr 16, 2026
Nov 23, 2004
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a de...Show more
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.Show less