Sonicwall

Sonicos

70 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2019-12265

  • EPSS 4.59%
  • Veröffentlicht 09.08.2019 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:22:31

Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report.

8.8

CVE-2019-12257

  • EPSS 15.36%
  • Veröffentlicht 09.08.2019 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:22:30

Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.

9.8

CVE-2019-12256

  • EPSS 8.2%
  • Veröffentlicht 09.08.2019 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:22:29

Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.

7.5

CVE-2019-7477

  • EPSS 0.2%
  • Veröffentlicht 02.04.2019 18:30:25
  • Zuletzt bearbeitet 21.11.2024 04:48:15

A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7...

9.8

CVE-2019-7475

  • EPSS 0.25%
  • Veröffentlicht 02.04.2019 18:30:25
  • Zuletzt bearbeitet 21.11.2024 04:48:15

A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 vers...

6.5

CVE-2019-7474

  • EPSS 0.22%
  • Veröffentlicht 02.04.2019 18:30:25
  • Zuletzt bearbeitet 21.11.2024 04:48:15

A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earli...

5.5

CVE-2018-9867

  • EPSS 0.02%
  • Veröffentlicht 19.02.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:15:50

In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability affected...

5.4

CVE-2018-5281

Exploit
  • EPSS 0.34%
  • Veröffentlicht 08.01.2018 09:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:29

SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices has XSS via the CFS Custom Category and Cloud AV DB Exclusion Settings screens.

5.4

CVE-2018-5280

Exploit
  • EPSS 0.3%
  • Veröffentlicht 08.01.2018 09:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:29

SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens.

4.3

CVE-2015-3447

Exploit
  • EPSS 0.74%
  • Veröffentlicht 29.04.2015 20:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in macIpSpoofView.html in Dell SonicWall SonicOS 7.5.0.12 and 6.x allow remote attackers to inject arbitrary web script or HTML via the (1) searchSpoof or (2) searchSpoofIpDet parameter.