VYPR
Vendor

Bluecoat

The bluecoat is a style of dress code, traditionally worn in bluecoat schools.

Products
35
CVEs
53
Across products
113
Status
Private

Products

35
View all 35 products →

Recent CVEs

53
View all 53 CVEs →
  • CVE-2015-4523CriSep 11, 2017
    risk 0.64cvss 9.3epss 0.04

    Blue Coat Malware Analysis Appliance (MAA) before 4.2.5 and Malware Analyzer G2 allow remote attackers to bypass a virtual machine protection mechanism and consequently write to arbitrary files, cause a denial of service (host reboot or reset to factory defaults), or execute…

  • CVE-2016-5774HigJul 12, 2016
    risk 0.53cvss 8.1epss 0.01

    The HTTPS server in Blue Coat PacketShaper S-Series 11.5.x before 11.5.3.2 might allow remote attackers to obtain sensitive credentials and other information via unspecified vectors, related to use of insecure cryptographic parameters.

  • CVE-2016-9091HigApr 5, 2017
    risk 0.51cvss 7.2epss 0.10

    Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges.

  • CVE-2004-0079HigNov 23, 2004
    risk 0.50cvss 7.5epss 0.10

    The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

  • CVE-2016-6594HigJun 8, 2017
    risk 0.49cvss 7.5epss 0.01

    Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 6.5 and 6.6 allows remote attackers to bypass blocked requests, user authentication, and payload scanning.

  • CVE-2004-2397HigDec 31, 2004
    risk 0.49cvss 7.5epss 0.01

    The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates.

  • CVE-2015-8597HigJan 8, 2016
    risk 0.48cvss 7.4epss 0.02

    Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in conjunction with a "clear text" one in…

  • CVE-2016-10259MedApr 11, 2017
    risk 0.38cvss 5.9epss 0.01

    Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SSL client can, under certain circumstances, temporarily…

  • CVE-2005-4085Dec 31, 2005
    risk 0.08cvss epss 0.66

    Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.

  • CVE-2011-5124Aug 26, 2012
    risk 0.07cvss epss 0.55

    Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port (16102/tcp).

  • CVE-2011-5127Aug 26, 2012
    risk 0.04cvss epss 0.13

    Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request.

  • CVE-2007-1685Jun 8, 2007
    risk 0.04cvss epss 0.14

    Buffer overflow in k9filter.exe in BlueCoat K9 Web Protection 3.2.36, and probably other versions before 3.2.44, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 2372.

  • CVE-2005-3187Dec 31, 2005
    risk 0.04cvss epss 0.07

    The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read.

  • CVE-2008-5121Nov 18, 2008
    risk 0.03cvss epss 0.01

    dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl…

  • CVE-2007-5796Nov 3, 2007
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the management console in Blue Coat ProxySG before 4.2.6.1, and 5.x before 5.2.2.5, allows remote attackers to inject arbitrary web script or HTML by modifying the URL that is used for loading Certificate Revocation Lists.

  • CVE-2005-1708May 24, 2005
    risk 0.03cvss epss 0.01

    templates.admin.users.user_form_processing in Blue Coat Reporter before 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true.

  • CVE-2005-1709May 24, 2005
    risk 0.03cvss epss 0.03

    Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote unauthenticated attackers to add a license.

  • CVE-2002-1060Oct 4, 2002
    risk 0.03cvss epss 0.05

    Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote attackers to inject arbitrary web script or HTML via a URL to a nonexistent hostname that…

  • CVE-2000-0592Jun 27, 2000
    risk 0.03cvss epss 0.03

    Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands.

  • CVE-2007-2952Aug 1, 2008
    risk 0.01cvss epss 0.15

    Multiple stack-based buffer overflows in the filter service (aka k9filter.exe) in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow (1) remote attackers to execute arbitrary code via a long HTTP Referer header to the K9 Web Protection Administration interface and (2)…