Vulnerabilidades em Forcepoint
24 resultadosCVE-2018-16530—A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a pEPSS 3.4%CVE-2018-16529—A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intendedEPSS 1.6%CVE-2019-6140—A configuration issue has been discovered in Forcepoint Email Security 8.4.x and 8.5.x: the product is left in a vulnerable state if the hybEPSS 1.4%CVE-2019-6143—Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authenticEPSS 1.1%CVE-2019-6147—Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can coEPSS 0.7%CVE-2022-1700HIGHImproper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP), wEPSS 0.7%CVE-2019-6145—Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalatEPSS 0.7%CVE-2019-6142—It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended that you apply thEPSS 0.6%CVE-2023-2080HIGHImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Forcepoint Cloud Security Gateway (CSGEPSS 0.5%CVE-2023-6452CRITICALImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Web Security (Transaction VEPSS 0.4%CVE-2023-26291MEDIUMImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSGEPSS 0.4%CVE-2023-26290MEDIUMImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSGEPSS 0.4%CVE-2023-26292MEDIUMImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSGEPSS 0.4%CVE-2023-5451MEDIUMForcepoint
NGFW Security Management Center Management Server has SMC Downloads
optional feature to offer standalone Management Client downEPSS 0.3%CVE-2024-2166HIGHImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Email Security (Real Time MEPSS 0.3%CVE-2024-9103MEDIUMPersistent XSS in blocked messagesEPSS 0.2%CVE-2022-27608MEDIUMForcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with AdministEPSS 0.2%CVE-2022-27609MEDIUMForcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of serviEPSS 0.2%CVE-2025-14026HIGHVulnerable Python version used in Forcepoint One DLP ClientEPSS 0.2%CVE-2025-2274MEDIUMStored Cross Site Scripting in Forcepoint Web SecurityEPSS 0.2%