Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield network security vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-20032
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and previous versions, 0.105.1 and previous versions, and 0.103.7 and previous versions could allow an unauthentic...
Cisco Web Security Appliance
Cisco Secure Endpoint Private Cloud
Cisco Secure Endpoint
Clamav Clamav 1.0.0
Clamav Clamav
Stormshield Stormshield Network Security
2 Github repositories
1 Article
9.8
CVSSv3
CVE-2022-37434
zlib up to and including 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may...
Zlib Zlib
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Hci -
Netapp Active Iq Unified Manager -
Netapp Hci Compute Node -
Netapp Management Services For Element Software -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Apple Macos
Apple Iphone Os
Apple Watchos
Apple Ipados
Stormshield Stormshield Network Security
3 Github repositories
9.8
CVSSv3
CVE-2021-31617
In ASQ in Stormshield Network Security (SNS) 1.0.0 up to and including 2.7.8, 2.8.0 up to and including 2.16.0, 3.0.0 up to and including 3.7.20, 3.8.0 up to and including 3.11.8, and 4.0.1 up to and including 4.2.2, mishandling of memory management can lead to remote code execut...
Stormshield Network Security
9.8
CVSSv3
CVE-2020-7465
The L2TP implementation of MPD prior to 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption).
Mpd Project Mpd
Stormshield Stormshield Network Security
Stormshield Stormshield Network Security 4.4.0
8.2
CVSSv3
CVE-2018-20850
Stormshield Network Security 2.0.0 up to and including 2.13.0 and 3.0.0 up to and including 3.7.1 has self-XSS in the command line interface of the SNS web server.
Stormshield Stormshield Network Security
7.8
CVSSv3
CVE-2021-27932
Stormshield Network Security (SNS) VPN SSL Client 2.1.0 up to and including 2.8.0 has Insecure Permissions.
Stormshield Ssl Vpn Client
7.5
CVSSv3
CVE-2023-28616
An issue exists in Stormshield Network Security (SNS) prior to 4.3.17, 4.4.x up to and including 4.6.x prior to 4.6.4, and 4.7.x prior to 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in clear...
Stormshield Network Security 4.7.0
Stormshield Network Security
7.5
CVSSv3
CVE-2023-47091
An issue exists in Stormshield Network Security (SNS) SNS 4.3.13 up to and including 4.3.22 prior to 4.3.23, SNS 4.6.0 up to and including 4.6.9 prior to 4.6.10, and SNS 4.7.0 up to and including 4.7.1 prior to 4.7.2. An attacker can overflow the cookie threshold, making an IPsec...
Stormshield Network Security
7.5
CVSSv3
CVE-2023-26095
ASQ in Stormshield Network Security (SNS) 4.3.15 prior to 4.3.16 and 4.6.x prior to 4.6.3 allows a crash when analysing a crafted SIP packet.
Stormshield Network Security
Stormshield Network Security 4.3.15
7.5
CVSSv3
CVE-2023-0215
The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receive...
Openssl Openssl
Stormshield Stormshield Management Center
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »