Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonic vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2024-21418
Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
1 Article
7.5
CVSSv3
CVE-2023-24574
Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to uncontrolled resource consumptio...
Dell Enterprise Sonic Distribution
7.5
CVSSv3
CVE-2022-34425
Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication.
Dell Enterprise Sonic Distribution 4.0.1
Dell Enterprise Sonic Distribution 4.0.0
6.5
CVSSv3
CVE-2021-36309
Dell Enterprise SONiC OS, versions 3.3.0 and previous versions, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius credentials stored to read sensitive information and use it in further at...
Dell Enterprise Sonic Os
5.3
CVSSv3
CVE-2019-12968
A vulnerability was found in the Sonic Robo Blast 2 (SRB2) plugin (EP_Versions 9 to 11 inclusive) distributed with Doomseeker 1.1 and 1.2. Affected plugin versions did not discard IP packets with an unnaturally long response length from a Sonic Robo Blast 2 master server, allowin...
Drdteam Doomseeker 1.2
Drdteam Doomseeker 1.1
4.3
CVSSv3
CVE-2022-46959
An issue in the component /admin/backups/work-dir of Sonic v1.0.4 allows malicious users to execute a directory traversal.
Sonic Project Sonic 1.0.4
NA
CVE-2024-31961
A SQL injection vulnerability in unit.php in Sonic Shopfloor.guide prior to 3.1.3 allows remote malicious users to execute arbitrary SQL commands via the level2 parameter.
NA
CVE-2023-32484
Dell Networking Switches running Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4 and below contains an improper input validation vulnerability. A remote unauthenticated malicious user may exploit this vulnerability and escalate privileges up to the highest administrative level. Th...
NA
CVE-2014-5696
The Sonic 4 Episode II LITE (aka com.sega.sonic4ep2lite) application 2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Sega Sonic 4 Episode Ii Lite 2.3
NA
CVE-2014-5705
The Sonic CD Lite (aka com.soa.sega.soniccdlite) application 1.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Sega Sonic Cd Lite 1.0.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »