Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonicwall firmware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2001-0376
SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote malicious user ...
Sonicwall Soho2 6.0.0
Sonicwall Tele2 6.0.0
8.8
CVSSv3
CVE-2021-20048
A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated malicious user to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware...
Sonicwall Sonicos
8.8
CVSSv3
CVE-2021-20046
A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated malicious user to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 fir...
Sonicwall Sonicos
NA
CVE-2015-4173
Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender prior to 7.5.227 and 8.0.x prior to 8.0.238, as used in the SRA firmware prior to 7.5.1.2-40sv and 8.x prior to 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse pro...
Sonicwall Netextender
7.5
CVSSv3
CVE-2023-0126
Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated malicious user to access arbitrary files and directories stored outside the web root directory.
Sonicwall Sma1000 Firmware 12.4.2
2 Github repositories
9.8
CVSSv3
CVE-2024-22394
An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote malicious user to bypass authentication. This issue affects only firmware version SonicOS 7.1.1-7040.
Sonicwall Sonicos 7.1.1-7040
NA
CVE-2003-1320
SonicWALL firmware prior to 6.4.0.1 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a large number of ...
Sonicwall Firmware
7.4
CVSSv3
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 18.0
Windriver Linux 19.0
Windriver Linux 17.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Volumes Ontap Mediator -
Fedoraproject Fedora 34
Tenable Nessus Agent
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Oracle Jd Edwards World Security A9.4
Oracle Weblogic Server 12.2.1.4.0
1 Github repository
1 Article
5.9
CVSSv3
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
9
CVSSv3
CVE-2021-45046
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with...
Apache Log4j 2.0
Apache Log4j
Intel Oneapi -
Intel Audio Development Kit -
Intel Datacenter Manager -
Intel System Debugger -
Intel Secure Device Onboard -
Intel Sensor Solution Firmware Development Kit -
Intel Computer Vision Annotation Tool -
Intel Genomics Kernel Library -
Intel System Studio -
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
197 Github repositories
9 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »