Known Vulnerabilities for products from Forcepoint
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Forcepoint".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-26292 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Securi... | 6.1 - MEDIUM | 2023-03-29 | 2023-11-07 |
| CVE-2023-26291 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Securi... | 6.1 - MEDIUM | 2023-03-29 | 2023-11-07 |
| CVE-2023-26290 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Securi... | 6.1 - MEDIUM | 2023-03-29 | 2023-11-07 |
| CVE-2023-2080 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Forcepoint Cloud Securi... | 9.8 - CRITICAL | 2023-06-15 | 2023-06-30 |
| CVE-2022-27609 json | Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering prot... | 6 - MEDIUM | 2022-04-04 | 2022-04-13 |
| CVE-2022-27608 json | Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by user... | 6 - MEDIUM | 2022-04-04 | 2022-04-13 |
| CVE-2022-1700 json | Improper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prev... | 9.8 - CRITICAL | 2022-09-12 | 2022-09-15 |
| CVE-2021-41530 json | Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplificati... | 7.5 - HIGH | 2021-10-04 | 2021-10-12 |
| CVE-2020-6590 json | Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input, leading to information disclosu... | 7.5 - HIGH | 2021-04-08 | 2021-09-16 |
| CVE-2019-6147 json | Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circu... | 5.9 - MEDIUM | 2019-12-23 | 2021-09-16 |
| CVE-2019-6146 json | It has been reported that cross-site scripting (XSS) is possible in Forcepoint Web Security, version 8.x, via host header inj... | 6.1 - MEDIUM | 2020-01-22 | 2022-04-18 |
| CVE-2019-6145 json | Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local pr... | 6.7 - MEDIUM | 2019-09-20 | 2022-04-18 |
| CVE-2019-6144 json | This vulnerability allows a normal (non-admin) user to disable the Forcepoint One Endpoint (versions 19.04 through 19.08) and... | 6.5 - MEDIUM | 2019-10-23 | 2022-03-31 |
| CVE-2019-6143 json | Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a se... | 9.1 - CRITICAL | 2019-08-20 | 2022-04-18 |
| CVE-2019-6142 json | It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended th... | 6.1 - MEDIUM | 2019-11-05 | 2022-10-27 |
| CVE-2019-6140 json | A configuration issue has been discovered in Forcepoint Email Security 8.4.x and 8.5.x: the product is left in a vulnerable s... | 9.8 - CRITICAL | 2019-04-09 | 2022-03-31 |
| CVE-2019-6139 json | Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Succe... | 9.8 - CRITICAL | 2019-02-07 | 2022-04-18 |
| CVE-2018-16530 json | A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potent... | 9.8 - CRITICAL | 2019-04-09 | 2022-10-28 |
| CVE-2018-16529 json | A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used aft... | 9.8 - CRITICAL | 2019-03-28 | 2022-04-22 |
| CVE-2004-0112 json | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check... | Not Provided | 2004-11-23 | 2025-04-03 |
Known software with vulnerabilities from Forcepoint
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Forcepoint | Email Security | 7.6 |
| Application | Forcepoint | Next Generation Firewall | 6.4.0 |
| Application | Forcepoint | Next Generation Firewall Security Management Center | 6.3.0 |
| Application | Forcepoint | One Endpoint | 19.04 |
| Application | Forcepoint | Security Manager | 8.5 |
| Application | Forcepoint | User Id | 1.1 |
| Application | Forcepoint | Vpn Client | - |
| Application | Forcepoint | Web Security | 8.0.0 |