Sonicwall

Sonicos

70 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2022-22275

  • EPSS 0.26%
  • Published 27.04.2022 17:15:07
  • Last modified 21.11.2024 06:46:32

Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.

9.8

CVE-2022-22274

  • EPSS 40.44%
  • Published 25.03.2022 23:15:08
  • Last modified 21.11.2024 06:46:32

A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.

8.8

CVE-2021-20048

  • EPSS 1.13%
  • Published 10.01.2022 14:10:16
  • Last modified 21.11.2024 05:45:51

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, ...

8.8

CVE-2021-20046

  • EPSS 1.13%
  • Published 10.01.2022 14:10:16
  • Last modified 21.11.2024 05:45:50

A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Ge...

6.1

CVE-2021-20031

Exploit
  • EPSS 36.22%
  • Published 12.10.2021 23:15:07
  • Last modified 21.11.2024 05:45:49

A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.

7.5

CVE-2021-20019

  • EPSS 1.05%
  • Published 23.06.2021 22:15:08
  • Last modified 21.11.2024 05:45:47

A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.

7.5

CVE-2021-20027

  • EPSS 0.43%
  • Published 14.06.2021 23:15:07
  • Last modified 21.11.2024 05:45:48

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.

7.4

CVE-2021-3450

  • EPSS 0.69%
  • Published 25.03.2021 15:15:13
  • Last modified 21.11.2024 06:21:33

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly ...

5.9

CVE-2021-3449

  • EPSS 13.18%
  • Published 25.03.2021 15:15:13
  • Last modified 21.11.2024 06:21:33

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but incl...

7.5

CVE-2020-5140

  • EPSS 0.51%
  • Published 12.10.2020 11:15:13
  • Last modified 21.11.2024 05:33:37

A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 ver...