Filtered by vendor Bluecoat
Subscriptions
Total
33 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2009-1211 | 1 Bluecoat | 19 Proxysg, Proxysg Sg210-10, Proxysg Sg210-25 and 16 more | 2024-09-17 | N/A |
Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header. | ||||
CVE-2010-5189 | 1 Bluecoat | 16 Proxysg, Proxysg Sg210-10, Proxysg Sg210-25 and 13 more | 2024-09-17 | N/A |
Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session. | ||||
CVE-2015-8482 | 1 Bluecoat | 1 Unified Agent | 2024-09-17 | N/A |
Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when running in local enforcement mode, which allows local administrators to unblock categories or disable the agent via unspecified vectors. | ||||
CVE-2016-10259 | 1 Bluecoat | 8 Ssl Visibility Appliance Sv1800, Ssl Visibility Appliance Sv1800 Firmware, Ssl Visibility Appliance Sv2800 and 5 more | 2024-09-17 | N/A |
Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SSL client can, under certain circumstances, temporarily exhaust the TCP connection pool of an SSL server. | ||||
CVE-2011-5127 | 2 Bluecoat, Microsoft | 2 Reporter, Windows | 2024-09-17 | N/A |
Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request. | ||||
CVE-2011-5126 | 1 Bluecoat | 1 Sgos | 2024-09-17 | N/A |
Blue Coat ProxySG 6.1 before SGOS 6.1.5.1 and 6.2 before SGOS 6.2.2.1 writes the secure heap to core images, which allows context-dependent attackers to obtain sensitive authentication information by leveraging read access to a downloaded core file. | ||||
CVE-2010-5190 | 1 Bluecoat | 16 Proxysg, Proxysg Sg210-10, Proxysg Sg210-25 and 13 more | 2024-09-16 | N/A |
The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities. | ||||
CVE-2010-5191 | 1 Bluecoat | 2 Avos, Proxyav | 2024-09-16 | N/A |
Multiple cross-site request forgery (CSRF) vulnerabilities on the Blue Coat ProxyAV appliance before 3.2.6.1 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password, (2) modify a policy, or (3) restart the device. | ||||
CVE-2015-1454 | 1 Bluecoat | 2 Proxyclient, Unified Agent | 2024-09-16 | N/A |
Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software updates, via a crafted certificate. | ||||
CVE-2011-5125 | 1 Bluecoat | 1 Director | 2024-09-16 | N/A |
Cross-site scripting (XSS) vulnerability in Blue Coat Director before 5.5.2.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving the HTTP TRACE method. | ||||
CVE-2011-5124 | 1 Bluecoat | 2 Proxyone, Proxysg | 2024-09-16 | N/A |
Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port (16102/tcp). | ||||
CVE-2002-1060 | 1 Bluecoat | 1 Cacheos | 2024-08-08 | N/A |
Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote attackers to inject arbitrary web script or HTML via a URL to a nonexistent hostname that includes the HTML, which is inserted into the resulting error page. | ||||
CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2024-08-08 | N/A |
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | ||||
CVE-2004-0079 | 23 4d, Apple, Avaya and 20 more | 67 Webstar, Mac Os X, Mac Os X Server and 64 more | 2024-08-08 | 7.5 High |
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||||
CVE-2004-0081 | 23 4d, Apple, Avaya and 20 more | 67 Webstar, Mac Os X, Mac Os X Server and 64 more | 2024-08-08 | N/A |
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | ||||
CVE-2005-4085 | 1 Bluecoat | 2 Proxyav, Webproxy | 2024-08-07 | N/A |
Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header. | ||||
CVE-2005-3654 | 1 Bluecoat | 1 Webproxy | 2024-08-07 | N/A |
Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of packets with 0xFF characters to the Telnet port (TCP 23), which corrupts the heap. | ||||
CVE-2005-3187 | 1 Bluecoat | 1 Winproxy | 2024-08-07 | N/A |
The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read. | ||||
CVE-2005-1708 | 1 Bluecoat | 1 Reporter | 2024-08-07 | N/A |
templates.admin.users.user_form_processing in Blue Coat Reporter before 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true. | ||||
CVE-2005-1710 | 1 Bluecoat | 1 Reporter | 2024-08-07 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page. |