Filtered by vendor Sonicwall Subscriptions
Filtered by product Global Vpn Client Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2007-6273 1 Sonicwall 1 Global Vpn Client 2024-08-07 N/A
Multiple format string vulnerabilities in the configuration file in SonicWALL GLobal VPN Client 3.1.556 and 4.0.0.810 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in the (1) Hostname tag or the (2) name attribute in the Connection tag. NOTE: there might not be any realistic circumstances in which this issue crosses privilege boundaries.
CVE-2020-5145 1 Sonicwall 1 Global Vpn Client 2024-08-04 8.6 High
SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system.
CVE-2020-5144 1 Sonicwall 1 Global Vpn Client 2024-08-04 7.8 High
SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability.
CVE-2021-20037 1 Sonicwall 1 Global Vpn Client 2024-08-03 7.8 High
SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host operating system. This vulnerability impacts GVC 4.10.5 installer and earlier.
CVE-2021-20051 1 Sonicwall 1 Global Vpn Client 2024-08-03 7.8 High
SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target system.
CVE-2021-20047 1 Sonicwall 1 Global Vpn Client 2024-08-03 7.8 High
SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in remote code execution in the target system.