Filtered by vendor Sonicwall
Subscriptions
Total
189 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-3951 | 1 Sonicwall | 1 Scrutinizer | 2024-09-17 | N/A |
| The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session. | ||||
| CVE-2002-2341 | 1 Sonicwall | 1 Soho3 | 2024-09-17 | N/A |
| Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL. | ||||
| CVE-2018-3639 | 12 Arm, Canonical, Debian and 9 more | 330 Cortex-a, Ubuntu Linux, Debian Linux and 327 more | 2024-09-16 | 5.5 Medium |
| Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | ||||
| CVE-2003-1320 | 1 Sonicwall | 1 Firmware | 2024-09-16 | N/A |
| SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload. | ||||
| CVE-2012-3848 | 1 Sonicwall | 1 Scrutinizer | 2024-09-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to d4d/exporters.php, (2) the HTTP Referer header to d4d/exporters.php, or (3) unspecified input to d4d/contextMenu.php. | ||||
| CVE-2024-40766 | 1 Sonicwall | 52 Nsa 2650, Nsa 2700, Nsa 3600 and 49 more | 2024-09-16 | 9.3 Critical |
| An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions. | ||||
| CVE-2002-2181 | 1 Sonicwall | 1 Content Filtering | 2024-09-16 | N/A |
| SonicWall Content Filtering allows local users to access prohibited web sites via requests to the web site's IP address instead of the domain name. | ||||
| CVE-2011-5262 | 1 Sonicwall | 4 Aventail Sra Ex6000, Aventail Sra Ex7000, Aventail Sra Ex9000 and 1 more | 2024-09-16 | N/A |
| SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter. | ||||
| CVE-2012-2627 | 1 Sonicwall | 1 Scrutinizer | 2024-09-16 | N/A |
| d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allows remote attackers to create or overwrite arbitrary files in %PROGRAMFILES%\Scrutinizer\snmp\mibs\ via a multipart/form-data POST request. | ||||
| CVE-2012-2626 | 1 Sonicwall | 1 Scrutinizer | 2024-09-16 | N/A |
| cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not require token authentication, which allows remote attackers to add administrative accounts via a userprefs action. | ||||
| CVE-2023-41713 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-09-13 | 7.5 High |
| SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function. | ||||
| CVE-2023-39276 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-09-13 | 6.5 Medium |
| SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash. | ||||
| CVE-2023-39277 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-09-13 | 6.5 Medium |
| SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash. | ||||
| CVE-2023-39278 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-09-13 | 6.5 Medium |
| SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash. | ||||
| CVE-2023-39279 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-09-13 | 6.5 Medium |
| SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash. | ||||
| CVE-2023-39280 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-09-13 | 6.5 Medium |
| SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash. | ||||
| CVE-2023-41711 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-09-13 | 6.5 Medium |
| SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash. | ||||
| CVE-2023-41712 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-09-13 | 6.5 Medium |
| SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash. | ||||
| CVE-2024-29014 | 1 Sonicwall | 1 Netextender | 2024-09-10 | 8.8 High |
| Vulnerability in SonicWall SMA100 NetExtender Windows (32 and 64-bit) client 10.2.339 and earlier versions allows an attacker to arbitrary code execution when processing an EPC Client update. | ||||
| CVE-2024-40764 | 1 Sonicwall | 32 Nsa 2700, Nsa 3700, Nsa 4700 and 29 more | 2024-09-10 | 7.5 High |
| Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS). | ||||