Forcepoint Email Security — known CVE vulnerabilities
Every CVE whose affected-product data names Forcepoint Email Security, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2018-16529 — CVSS 9.8 (critical): A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the…
CVE-2018-16530 — CVSS 9.8 (critical): A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a…
CVE-2019-6140 — CVSS 9.8 (critical): A configuration issue has been discovered in Forcepoint Email Security 8.4.x and 8.5.x: the product is left in a vulnerable state if the…
CVE-2024-2166 — CVSS 8.8 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Email Security (Real Time…
CVE-2023-2080 — CVSS 8.5 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Forcepoint Cloud Security Gateway…
CVE-2020-6590 — CVSS 7.5 (high): Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input, leading to information disclosure.
CVE-2022-1700 — CVSS 7.5 (high): Improper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP)…
CVE-2019-6142 — CVSS 6.1 (medium): It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended that you apply…