Securecomputing
Products
12- 36 CVEs
- 4 CVEs
- 3 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
53| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-4043 | Cri | 0.64 | 9.8 | 0.02 | Jul 27, 2007 | file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) before 4.6.3 allows remote attackers to bypass authentication via a name parameter ending with a "%00.gif" sequence. NOTE: a separate traversal vulnerability could be leveraged to download arbitrary… | ||
| CVE-2024-1969 | Hig | 0.53 | 8.2 | 0.00 | Apr 29, 2024 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Secomea GateManager (webserver modules) allows crash of GateManager.This issue affects GateManager: from 9.7 before 11.2.624095033. | ||
| CVE-2024-1579 | Hig | 0.53 | 8.1 | 0.01 | Apr 29, 2024 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Secomea GateManager (Webserver modules) allows Session Hijacking.This issue affects GateManager: before 11.2.624071020. | ||
| CVE-2004-0079 | Hig | 0.50 | 7.5 | 0.10 | Nov 23, 2004 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||
| CVE-2025-14716 | Med | 0.42 | 6.5 | 0.00 | Mar 19, 2026 | Improper Authentication vulnerability in Secomea GateManager (webserver modules) allows Authentication Bypass.This issue affects GateManager: 11.4;0. | ||
| CVE-2023-3675 | Med | 0.42 | 6.5 | 0.01 | Apr 18, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Secomea GateManager (Web GUI) allows Reading Data from System Resources.This issue affects GateManager: from 11.0.623074018 before 11.0.623373051. | ||
| CVE-2021-32007 | Low | 0.23 | 3.5 | 0.00 | Dec 13, 2024 | This issue affects: Secomea GateManager Version 9.5 and all prior versions. Protection Mechanism Failure vulnerability in web server of Secomea GateManager to potentially leak information to remote servers. | ||
| CVE-2004-0081 | 0.01 | — | 0.07 | Nov 23, 2004 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | |||
| CVE-2004-0112 | 0.01 | — | 0.10 | Nov 23, 2004 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake… | |||
| CVE-2023-2912 | 0.00 | — | 0.00 | Jul 17, 2023 | Use After Free vulnerability in Secomea SiteManager Embedded allows Obstruction. | |||
| CVE-2023-0317 | 0.00 | — | 0.01 | Apr 19, 2023 | Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obtain sensitive information. | |||
| CVE-2022-4308 | 0.00 | — | 0.00 | Apr 19, 2023 | Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows Authentication abuse on SiteManager, if the generated file is leaked. | |||
| CVE-2022-2752 | 0.00 | — | 0.00 | Dec 9, 2022 | A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7. | |||
| CVE-2022-38123 | 0.00 | — | 0.01 | Dec 6, 2022 | Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0. | |||
| CVE-2022-25786 | 0.00 | — | 0.01 | May 4, 2022 | Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obtain sensitive information. This issue affects: GateManager all versions prior to 9.7. | |||
| CVE-2022-25787 | 0.00 | — | 0.00 | May 4, 2022 | Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all versions prior to 9.7. | |||
| CVE-2022-25783 | 0.00 | — | 0.01 | May 4, 2022 | Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging. This issue affects: Secomea GateManager versions prior to 9.7. | |||
| CVE-2022-25782 | 0.00 | — | 0.00 | May 4, 2022 | Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7. | |||
| CVE-2022-25781 | 0.00 | — | 0.00 | May 4, 2022 | Cross-site Scripting (XSS) vulnerability in Web UI of Secomea GateManager allows phishing attacker to inject javascript or html into logged in user session. | |||
| CVE-2022-25780 | 0.00 | — | 0.01 | May 4, 2022 | Information Exposure vulnerability in web UI of Secomea GateManager allows logged in user to query devices outside own scope. |
- risk 0.64cvss 9.8epss 0.02
file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) before 4.6.3 allows remote attackers to bypass authentication via a name parameter ending with a "%00.gif" sequence. NOTE: a separate traversal vulnerability could be leveraged to download arbitrary…
- risk 0.53cvss 8.2epss 0.00
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Secomea GateManager (webserver modules) allows crash of GateManager.This issue affects GateManager: from 9.7 before 11.2.624095033.
- risk 0.53cvss 8.1epss 0.01
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Secomea GateManager (Webserver modules) allows Session Hijacking.This issue affects GateManager: before 11.2.624071020.
- risk 0.50cvss 7.5epss 0.10
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
- risk 0.42cvss 6.5epss 0.00
Improper Authentication vulnerability in Secomea GateManager (webserver modules) allows Authentication Bypass.This issue affects GateManager: 11.4;0.
- risk 0.42cvss 6.5epss 0.01
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Secomea GateManager (Web GUI) allows Reading Data from System Resources.This issue affects GateManager: from 11.0.623074018 before 11.0.623373051.
- risk 0.23cvss 3.5epss 0.00
This issue affects: Secomea GateManager Version 9.5 and all prior versions. Protection Mechanism Failure vulnerability in web server of Secomea GateManager to potentially leak information to remote servers.
- CVE-2004-0081Nov 23, 2004risk 0.01cvss —epss 0.07
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
- CVE-2004-0112Nov 23, 2004risk 0.01cvss —epss 0.10
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake…
- CVE-2023-2912Jul 17, 2023risk 0.00cvss —epss 0.00
Use After Free vulnerability in Secomea SiteManager Embedded allows Obstruction.
- CVE-2023-0317Apr 19, 2023risk 0.00cvss —epss 0.01
Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obtain sensitive information.
- CVE-2022-4308Apr 19, 2023risk 0.00cvss —epss 0.00
Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows Authentication abuse on SiteManager, if the generated file is leaked.
- CVE-2022-2752Dec 9, 2022risk 0.00cvss —epss 0.00
A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7.
- CVE-2022-38123Dec 6, 2022risk 0.00cvss —epss 0.01
Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0.
- CVE-2022-25786May 4, 2022risk 0.00cvss —epss 0.01
Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obtain sensitive information. This issue affects: GateManager all versions prior to 9.7.
- CVE-2022-25787May 4, 2022risk 0.00cvss —epss 0.00
Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all versions prior to 9.7.
- CVE-2022-25783May 4, 2022risk 0.00cvss —epss 0.01
Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging. This issue affects: Secomea GateManager versions prior to 9.7.
- CVE-2022-25782May 4, 2022risk 0.00cvss —epss 0.00
Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7.
- CVE-2022-25781May 4, 2022risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) vulnerability in Web UI of Secomea GateManager allows phishing attacker to inject javascript or html into logged in user session.
- CVE-2022-25780May 4, 2022risk 0.00cvss —epss 0.01
Information Exposure vulnerability in web UI of Secomea GateManager allows logged in user to query devices outside own scope.