Websense

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-11177 1Websense 1Triton Ap Email May 13, 2026 Nov 6, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 TRITON AP-EMAIL 8.2 before 8.2 IB does not properly restrict file access in an unspecified directory.
CVE-2015-5718 1Websense 1Content Gateway May 6, 2026 Aug 12, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Stack-based buffer overflow in the handle_debug_network function in the manager in Websense Content Gateway before 8.0.0 HF02 allows remote administrators to cause a denial of service (crash) via a crafted diagnostic com...Show more Stack-based buffer overflow in the handle_debug_network function in the manager in Websense Content Gateway before 8.0.0 HF02 allows remote administrators to cause a denial of service (crash) via a crafted diagnostic command line request to submit_net_debug.cgi.Show less
CVE-2015-2773 1Websense 1V Series Appliances May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to read arbitrary files via unspecified vectors.
CVE-2015-2772 1Websense 1V Series Appliances May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to upload arbitrary files via unspecified vectors.
CVE-2015-2771 1Websense 2Triton Ap Email V Series Appliances May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Mail Server in Websense TRITON AP-EMAIL and V-Series appliances before 8.0.0 uses plaintext credentials, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2015-2770 1Websense 1V Series Appliances May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in the command line page in Websense TRITON V-Series appliances before 8.0.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...Show more Cross-site request forgery (CSRF) vulnerability in the command line page in Websense TRITON V-Series appliances before 8.0.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.Show less
CVE-2015-2769 1Websense 1Triton Ap Email May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple cross-site request forgery (CSRF) vulnerabilities in the Personal Email Manager (PEM) in Websense TRITON AP-EMAIL before 8.0.0 allow remote attackers to hijack the authentication of unspecified victims via unkno...Show more Multiple cross-site request forgery (CSRF) vulnerabilities in the Personal Email Manager (PEM) in Websense TRITON AP-EMAIL before 8.0.0 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.Show less
CVE-2015-2768 1Websense 2Triton Ap Email V Series Appliances May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-2767 1Websense 1Triton Ap Email May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to "Autocomplete Enabled."
CVE-2015-2766 1Websense 1Triton Ap Email May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Personal Email Manager (PEM) in Websense TRITON AP-EMAIL before 8.0.0 allows attackers to have unspecified impact via a brute force attack.
CVE-2015-2765 1Websense 1Triton Ap Email May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The Email Security Gateway in Websense TRITON AP-EMAIL before 8.0.0 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVE-2015-2764 1Websense 1Triton Ap Data May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-DATA before 8.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the DSS (1) Mobile or (2) DLP report ca...Show more Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-DATA before 8.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the DSS (1) Mobile or (2) DLP report catalog.Show less
CVE-2015-2763 1Websense 1Triton Ap Email May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to port 17703.
CVE-2015-2762 1Websense 1Triton Ap Web May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Websense TRITON AP-WEB before 8.0.0 allows remote attackers to enumerate Windows domain user accounts via vectors related to HTTP authentication.
CVE-2015-2761 1Websense 1Triton Ap Web May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the Exceptions and Scanning Exceptions Pages in Websense TRITON AP-WEB before 8.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-9712 1Websense 1V Series Appliances May 6, 2026 Mar 27, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Websense TRITON V-Series appliances before 7.8.3 Hotfix 03 and 7.8.4 before Hotfix 01 allow remote administrators to read arbitrary files and obtain passwords via a crafted path.
CVE-2015-2748 1Websense 4Triton Ap Data Triton Ap EmailTriton Ap Web+1 more May 6, 2026 Mar 26, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote attackers to obtain sensitive information via a direct request to a (1) Web Security incident report or...Show more Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote attackers to obtain sensitive information via a direct request to a (1) Web Security incident report or the (2) Explorer configuration (websense.ini) file.Show less
CVE-2015-2747 1Websense 2Triton V Series Appliances May 6, 2026 Mar 26, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in the data loss prevention (DLP) incident Forensics Preview in Websense Triton 7.8.3 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script...Show more Multiple cross-site scripting (XSS) vulnerabilities in the data loss prevention (DLP) incident Forensics Preview in Websense Triton 7.8.3 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via a crafted (1) email or (2) HTTP request, which triggers a DLP Policy.Show less
CVE-2015-2746 1Websense 2Triton V Series Appliances May 6, 2026 Mar 26, 2015 N/A· v4 N/A· v3 6.5 MEDIUM· v2 The network diagnostics tool (CommandLineServlet) in the Appliance Manager command line utility (CLU) in Websense TRITON 7.8.3 and V-Series appliances before 7.8.4 Hotfix 02 allows remote authenticated users to execute a...Show more The network diagnostics tool (CommandLineServlet) in the Appliance Manager command line utility (CLU) in Websense TRITON 7.8.3 and V-Series appliances before 7.8.4 Hotfix 02 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the "second" parameter of a command, as demonstrated by the Destination parameter in the ping command.Show less
CVE-2015-2703 1Websense 2Triton Ap Web V Series Appliances May 6, 2026 Mar 25, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-WEB before 8.0.0 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via the (1) ws-userip in the ws-encdata...Show more Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-WEB before 8.0.0 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via the (1) ws-userip in the ws-encdata parameter to cve-bin/moreBlockInfo.cgi in the Data Security block page or (2) admin_msg parameter to configure/ssl_ui/eva-config/client-cert-import_wsoem.html in the Content Gateway, which is not properly handled in an error message.Show less

12 3 Next