Filtered by vendor Bluecoat
Subscriptions
Total
33 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4485 | 1 Bluecoat | 1 Security Gateway Os | 2017-08-08 | N/A |
| Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject arbitrary web script or HTML via the URL. | ||||
| CVE-2007-0796 | 1 Bluecoat | 1 Winproxy | 2017-07-29 | N/A |
| Blue Coat Systems WinProxy 6.1a and 6.0 r1c, and possibly earlier, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP CONNECT request, which triggers heap corruption. | ||||
| CVE-2016-6594 | 1 Bluecoat | 3 Advanced Secure Gateway, Cacheflow, Proxysg | 2017-06-24 | N/A |
| Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 6.5 and 6.6 allows remote attackers to bypass blocked requests, user authentication, and payload scanning. | ||||
| CVE-2005-1710 | 1 Bluecoat | 1 Reporter | 2016-10-18 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page. | ||||
| CVE-2005-1708 | 1 Bluecoat | 1 Reporter | 2016-10-18 | N/A |
| templates.admin.users.user_form_processing in Blue Coat Reporter before 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true. | ||||
| CVE-2015-8597 | 1 Bluecoat | 2 Advanced Secure Gateway, Proxysg | 2016-01-13 | N/A |
| Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in conjunction with a "clear text" one in a coaching page, as demonstrated by "http://www.%humbug-URL%.local/bluecoat-splash-API?%BASE64-URL%." | ||||
| CVE-2014-2565 | 1 Bluecoat | 2 Content Analysis System, Content Analysis System Software | 2014-05-01 | N/A |
| The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection." | ||||
| CVE-2013-5959 | 1 Bluecoat | 2 Proxysg, Proxysgos | 2013-10-11 | N/A |
| Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests. | ||||
| CVE-2005-4085 | 1 Bluecoat | 2 Proxyav, Webproxy | 2011-03-08 | N/A |
| Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header. | ||||
| CVE-2005-3654 | 1 Bluecoat | 1 Webproxy | 2011-03-08 | N/A |
| Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of packets with 0xFF characters to the Telnet port (TCP 23), which corrupts the heap. | ||||
| CVE-2005-3187 | 1 Bluecoat | 1 Winproxy | 2011-03-08 | N/A |
| The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read. | ||||
| CVE-2005-1709 | 1 Bluecoat | 1 Reporter | 2011-03-08 | N/A |
| Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote unauthenticated attackers to add a license. | ||||
| CVE-2002-1060 | 1 Bluecoat | 1 Cacheos | 2008-09-05 | N/A |
| Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote attackers to inject arbitrary web script or HTML via a URL to a nonexistent hostname that includes the HTML, which is inserted into the resulting error page. | ||||