Sonicwall

Sonicos

70 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2020-5132

  • EPSS 0.17%
  • Published 30.09.2020 06:15:12
  • Last modified 21.11.2024 05:33:36

SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN auth...

5.3

CVE-2020-5130

  • EPSS 0.55%
  • Published 17.07.2020 18:15:12
  • Last modified 21.11.2024 05:33:35

SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and earlier.

7.2

CVE-2019-7479

  • EPSS 0.25%
  • Published 31.12.2019 02:15:10
  • Last modified 21.11.2024 04:48:15

A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6....

7.8

CVE-2019-7487

  • EPSS 0.04%
  • Published 19.12.2019 01:15:11
  • Last modified 21.11.2024 04:48:16

Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution.

9.8

CVE-2019-12261

  • EPSS 13.4%
  • Published 09.08.2019 21:15:11
  • Last modified 21.11.2024 04:22:30

Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.

9.8

CVE-2019-12260

  • EPSS 21.05%
  • Published 09.08.2019 21:15:11
  • Last modified 21.11.2024 04:22:30

Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.

7.5

CVE-2019-12258

  • EPSS 14.88%
  • Published 09.08.2019 20:15:11
  • Last modified 21.11.2024 04:22:30

Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.

9.8

CVE-2019-12255

Exploit
  • EPSS 82.38%
  • Published 09.08.2019 20:15:11
  • Last modified 21.11.2024 04:22:29

Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.

7.5

CVE-2019-12259

  • EPSS 9.76%
  • Published 09.08.2019 19:15:11
  • Last modified 21.11.2024 04:22:30

Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.

8.1

CVE-2019-12263

  • EPSS 1.44%
  • Published 09.08.2019 19:15:11
  • Last modified 21.11.2024 04:22:31

Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.