Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield stormshield network security vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-28665
Stormshield SNS with versions prior to 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.
Stormshield Network Security
9.8
CVSSv3
CVE-2021-31617
In ASQ in Stormshield Network Security (SNS) 1.0.0 up to and including 2.7.8, 2.8.0 up to and including 2.16.0, 3.0.0 up to and including 3.7.20, 3.8.0 up to and including 3.11.8, and 4.0.1 up to and including 4.2.2, mishandling of memory management can lead to remote code execut...
Stormshield Network Security
7.5
CVSSv3
CVE-2023-47091
An issue exists in Stormshield Network Security (SNS) SNS 4.3.13 up to and including 4.3.22 prior to 4.3.23, SNS 4.6.0 up to and including 4.6.9 prior to 4.6.10, and SNS 4.7.0 up to and including 4.7.1 prior to 4.7.2. An attacker can overflow the cookie threshold, making an IPsec...
Stormshield Network Security
5.3
CVSSv3
CVE-2021-3384
A vulnerability in Stormshield Network Security could allow an malicious user to trigger a protection related to ARP/NDP tables management, which would temporarily prevent the system to contact new hosts via IPv4 or IPv6. This affects versions 2.0.0 to 2.7.7, 2.8.0 to 2.16.0, 3.0...
Stormshield Network Security
7.5
CVSSv3
CVE-2022-23989
In Stormshield Network Security (SNS) prior to 3.7.25, 3.8.x up to and including 3.11.x prior to 3.11.13, 4.x prior to 4.2.10, and 4.3.x prior to 4.3.5, a flood of connections to the SSLVPN service might lead to saturation of the loopback interface. This could result in the block...
Stormshield Network Security
7.5
CVSSv3
CVE-2022-27812
Flooding SNS firewall versions 3.7.0 to 3.7.29, 3.11.0 to 3.11.17, 4.2.0 to 4.2.10, and 4.3.0 to 4.3.6 with specific forged traffic, can lead to SNS DoS.
Stormshield Network Security
5.5
CVSSv3
CVE-2021-27506
The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.1...
Stormshield Network Security
Netasq Project Netasq
Clamav Clamav
7.5
CVSSv3
CVE-2023-0215
The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receive...
Openssl Openssl
Stormshield Stormshield Management Center
1 Github repository
7.5
CVSSv3
CVE-2022-40617
strongSwan prior to 5.9.8 allows remote malicious users to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn'...
Strongswan Strongswan
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 22.04
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 37
Stormshield Stormshield Network Security
7.8
CVSSv3
CVE-2021-27932
Stormshield Network Security (SNS) VPN SSL Client 2.1.0 up to and including 2.8.0 has Insecure Permissions.
Stormshield Ssl Vpn Client
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »