Filtered by vendor Sonicwall
Subscriptions
Total
197 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-5136 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 6.5 Medium |
| A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service (DoS) in the SSL-VPN and virtual assist portal, which leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. | ||||
| CVE-2020-5134 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 6.5 Medium |
| A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. | ||||
| CVE-2020-5133 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 7.5 High |
| A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. | ||||
| CVE-2020-5132 | 1 Sonicwall | 3 Sma100, Sma100 Firmware, Sonicos | 2024-11-21 | 5.3 Medium |
| SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of this vulnerability. | ||||
| CVE-2020-5131 | 1 Sonicwall | 1 Netextender | 2024-11-21 | 7.8 High |
| SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier. | ||||
| CVE-2020-5130 | 1 Sonicwall | 1 Sonicos | 2024-11-21 | 5.3 Medium |
| SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and earlier. | ||||
| CVE-2020-5129 | 1 Sonicwall | 2 Sma1000, Sma1000 Firmware | 2024-11-21 | 7.5 High |
| A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. This vulnerability affected SMA1000 Version 12.1.0-06411 and earlier. | ||||
| CVE-2019-7489 | 1 Sonicwall | 1 Email Security Appliance | 2024-11-21 | 9.8 Critical |
| A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. | ||||
| CVE-2019-7488 | 1 Sonicwall | 1 Email Security Appliance | 2024-11-21 | 9.8 Critical |
| Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. | ||||
| CVE-2019-7487 | 2 Microsoft, Sonicwall | 3 Windows, Sonicos, Sonicos Sslvpn Nacagent | 2024-11-21 | 7.8 High |
| Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution. | ||||
| CVE-2019-7486 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 8.8 High |
| Code injection in SonicWall SMA100 allows an authenticated user to execute arbitrary code in viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.4 and earlier. | ||||
| CVE-2019-7485 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 8.8 High |
| Buffer overflow in SonicWall SMA100 allows an authenticated user to execute arbitrary code in DEARegister CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | ||||
| CVE-2019-7484 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 6.5 Medium |
| Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | ||||
| CVE-2019-7482 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 9.8 Critical |
| Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | ||||
| CVE-2019-7479 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 7.2 High |
| A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.3.3-3n, 6.5.1.9-4n and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). | ||||
| CVE-2019-7478 | 1 Sonicwall | 1 Global Management System | 2024-11-21 | 9.8 Critical |
| A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. This vulnerability affected GMS versions GMS 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1. | ||||
| CVE-2019-7477 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | N/A |
| A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). | ||||
| CVE-2019-7476 | 1 Sonicwall | 1 Global Management System | 2024-11-21 | 8.1 High |
| A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access to the appliance using existing SSH key. This vulnerability affects GMS versions 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 and earlier. | ||||
| CVE-2019-7475 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 9.8 Critical |
| A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). | ||||
| CVE-2019-7474 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 6.5 Medium |
| A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). | ||||