VYPR
Vendor

Astaro

Products
3
CVEs
21
Across products
22
Status
Private

Products

3

Recent CVEs

21
View all 21 CVEs →
  • CVE-2025-10127CriSep 11, 2025
    risk 0.64cvss 9.8epss 0.01

    Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials.

  • CVE-2023-47356HigJul 17, 2025
    risk 0.57cvss 8.8epss 0.01

    Mingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution (RCE) vulnerability via the log_type parameter at /log/fw_security.mds.

  • CVE-2005-2729Aug 30, 2005
    risk 0.04cvss epss 0.07

    The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services.

  • CVE-2002-0029Nov 29, 2002
    risk 0.01cvss epss 0.10

    Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2)…

  • CVE-2023-49321Nov 26, 2023
    risk 0.00cvss epss 0.01

    Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements…

  • CVE-2023-43765Sep 22, 2023
    risk 0.00cvss epss 0.01

    Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for…

  • CVE-2023-42520Sep 18, 2023
    risk 0.00cvss epss 0.01

    Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later,…

  • CVE-2023-42521Sep 18, 2023
    risk 0.00cvss epss 0.01

    Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later,…

  • CVE-2023-42526Sep 18, 2023
    risk 0.00cvss epss 0.01

    Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and…

  • CVE-2021-25692Apr 6, 2021
    risk 0.00cvss epss 0.00

    Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager and Security Gateway prior to version 21.01.3.

  • CVE-2012-3238Jul 9, 2012
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field.

  • CVE-2007-4243Aug 8, 2007
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in pfilter-reporter.pl in Astaro Security Gateway (ASG) 7 allows remote attackers to cause a denial of service (CPU consumption) via certain network traffic, as demonstrated by P2P and iTunes applications that download large amounts of data.

  • CVE-2007-4242Aug 8, 2007
    risk 0.00cvss epss 0.02

    The pop3 Proxy in Astaro Security Gateway (ASG) 7 does not perform virus scanning of attachments that exceed the maximum attachment size, and passes these attachments, which allows remote attackers to bypass this scanning via a large attachment.

  • CVE-2007-3253Jun 18, 2007
    risk 0.00cvss epss 0.03

    Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) before 7.005 allow remote attackers to cause a denial of service via (1) certain email, which stops the SMTP Proxy during scanning; (2) certain HTTP traffic, which stops or slows down the HTTP proxy during…

  • CVE-2005-3985Dec 4, 2005
    risk 0.00cvss epss 0.04

    The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6.102 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due…

  • CVE-2005-3100Sep 28, 2005
    risk 0.00cvss epss 0.02

    Unspecified "PPTP Remote DoS Vulnerability" in Astaro Security Linux 4.027 allows attackers to cause a denial of service.

  • CVE-2005-2731Aug 30, 2005
    risk 0.00cvss epss 0.01

    Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.

  • CVE-2005-2730Aug 30, 2005
    risk 0.00cvss epss 0.02

    The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.

  • CVE-2004-2252Dec 31, 2004
    risk 0.00cvss epss 0.04

    The firewall in Astaro Security Linux before 4.024 sends responses to SYN-FIN packets, which makes it easier for remote attackers to obtain information about the system and construct specialized attacks.

  • CVE-2004-2251Dec 31, 2004
    risk 0.00cvss epss 0.02

    The PPTP server in Astaro Security Linux before 4.024 provides information about its version, which makes it easier for remote attackers to construct specialized attacks.