This page lists publicly disclosed CVE vulnerabilities affecting finjan_software surfingate (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2005-1994 | Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2e". | [email protected] | 5.0 | 1.43% | 2005-06-14 | 2026-06-16 |
| CVE-2004-2107 | Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which allows remote attackers to use the finjan-parameter-type header to (1) restart the service, (2) use the getlastmsg command to view log information, or (3) use the online command to force a policy update from the database server. | [email protected] | 7.5 | 7.74% | 2004-12-31 | 2026-06-16 |
| CVE-2002-1962 | Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname. | [email protected] | 7.5 | 1.63% | 2002-12-31 | 2026-06-16 |
| CVE-2002-1961 | Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL whose hostname portion uses a fully qualified domain name (FQDN) that ends in a "." (dot). | [email protected] | 7.5 | 1.81% | 2002-12-31 | 2026-06-16 |