Hosted Email Security CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-2324	1 Sonicwall	1 Hosted Email Security	2025-10-31	7.5 High
Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions
CVE-2021-20023	1 Sonicwall	2 Email Security, Hosted Email Security	2025-10-22	4.9 Medium
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.
CVE-2021-20022	1 Sonicwall	2 Email Security, Hosted Email Security	2025-10-22	7.2 High
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.
CVE-2021-20021	1 Sonicwall	2 Email Security, Hosted Email Security	2025-10-22	9.8 Critical
A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.

Page 1 of 1.