Filtered by vendor Sonicwall
Subscribe
Total
167 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-7489 | 1 Sonicwall | 1 Email Security Appliance | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. | |||||
CVE-2019-7488 | 1 Sonicwall | 1 Email Security Appliance | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. | |||||
CVE-2019-7481 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauthorized resources. This vulnerablity impacted SMA100 version 9.0.0.3 and earlier. | |||||
CVE-2019-7483 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server. | |||||
CVE-2013-1359 | 1 Sonicwall | 4 Analyzer, Global Management System, Universal Management Appliance and 1 more | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account. | |||||
CVE-2019-7487 | 2 Microsoft, Sonicwall | 3 Windows, Sonicos, Sonicos Sslvpn Nacagent | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution. | |||||
CVE-2019-7482 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | |||||
CVE-2019-7484 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | |||||
CVE-2019-7485 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
Buffer overflow in SonicWall SMA100 allows an authenticated user to execute arbitrary code in DEARegister CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | |||||
CVE-2013-1360 | 1 Sonicwall | 4 Analyzer, Global Management System, Universal Management Appliance and 1 more | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access. | |||||
CVE-2019-7479 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-02-04 | 6.5 MEDIUM | 7.2 HIGH |
A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.3.3-3n, 6.5.1.9-4n and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). | |||||
CVE-2019-7474 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). | |||||
CVE-2019-7476 | 1 Sonicwall | 1 Global Management System | 2024-02-04 | 6.8 MEDIUM | 8.1 HIGH |
A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access to the appliance using existing SSH key. This vulnerability affects GMS versions 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 and earlier. | |||||
CVE-2019-12261 | 6 Belden, Netapp, Oracle and 3 more | 51 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 48 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host. | |||||
CVE-2019-12257 | 5 Belden, Netapp, Siemens and 2 more | 46 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 43 more | 2024-02-04 | 5.8 MEDIUM | 8.8 HIGH |
Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc. | |||||
CVE-2019-12256 | 5 Belden, Netapp, Siemens and 2 more | 50 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 47 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options. | |||||
CVE-2019-12259 | 4 Belden, Siemens, Sonicwall and 1 more | 49 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 46 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. | |||||
CVE-2019-12263 | 5 Belden, Netapp, Siemens and 2 more | 50 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 47 more | 2024-02-04 | 6.8 MEDIUM | 8.1 HIGH |
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition. | |||||
CVE-2019-12255 | 5 Belden, Netapp, Siemens and 2 more | 50 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 47 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow. | |||||
CVE-2019-7475 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). |