CVE Tools

imperva

Networking Infrastructurecommercial

8

Cumulative CVEs

4

Monthly snapshots

#23

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting imperva.

CVE-2021-45468Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use "Content-Encoding: gzip" to evade WAF security controls and send malicious HTTP POST requests...9.8Jan 14, 2022
CVE-2011-5266Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass.9.8Jan 8, 2020
CVE-2018-16660A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable instal...8.8Apr 25, 2019
CVE-2018-5413Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation.8.8Jan 10, 2019
CVE-2018-5403Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RC...8.1Jan 10, 2019
CVE-2018-5412Imperva SecureSphere running v12.0.0.50 is vulnerable to local arbitrary code execution, escaping sealed-mode.7.8Jan 10, 2019
CVE-2018-19646The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled.9.8Nov 28, 2018
CVE-2011-4887Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers...4.3Sep 11, 2014
CVE-2013-4095plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with ...6.5Jun 28, 2013
CVE-2013-4094The Key Management feature in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the (1) pr...6.5Jun 28, 2013
CVE-2013-4091The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password (aka j_password) field on the secsphLogin.js...7.5Jun 28, 2013
CVE-2013-4092The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows context-dependent attackers to obtain sensitive information by leveraging the presence of (1) a se...5.0Jun 28, 2013
CVE-2013-4093The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote attackers to obtain sensitive information via (1) a direct request to dwr/call/plaincall/As...5.0Jun 28, 2013
CVE-2011-0767Cross-site scripting (XSS) vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbit...4.3Jun 6, 2011
CVE-2010-1329Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appen...7.8Apr 15, 2010