Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonic vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-31961
A SQL injection vulnerability in unit.php in Sonic Shopfloor.guide prior to 3.1.3 allows remote malicious users to execute arbitrary SQL commands via the level2 parameter.
NA
CVE-2024-21418
Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
1 Article
NA
CVE-2023-32484
Dell Networking Switches running Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4 and below contains an improper input validation vulnerability. A remote unauthenticated malicious user may exploit this vulnerability and escalate privileges up to the highest administrative level. Th...
NA
CVE-2023-24574
Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to uncontrolled resource consumptio...
Dell Enterprise Sonic Distribution
NA
CVE-2022-46959
An issue in the component /admin/backups/work-dir of Sonic v1.0.4 allows malicious users to execute a directory traversal.
Sonic Project Sonic 1.0.4
NA
CVE-2022-34425
Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication.
Dell Enterprise Sonic Distribution 4.0.1
Dell Enterprise Sonic Distribution 4.0.0
356
VMScore
CVE-2021-36309
Dell Enterprise SONiC OS, versions 3.3.0 and previous versions, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius credentials stored to read sensitive information and use it in further at...
Dell Enterprise Sonic Os
445
VMScore
CVE-2019-12968
A vulnerability was found in the Sonic Robo Blast 2 (SRB2) plugin (EP_Versions 9 to 11 inclusive) distributed with Doomseeker 1.1 and 1.2. Affected plugin versions did not discard IP packets with an unnaturally long response length from a Sonic Robo Blast 2 master server, allowin...
Drdteam Doomseeker 1.2
Drdteam Doomseeker 1.1
481
VMScore
CVE-2014-5696
The Sonic 4 Episode II LITE (aka com.sega.sonic4ep2lite) application 2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Sega Sonic 4 Episode Ii Lite 2.3
481
VMScore
CVE-2014-5705
The Sonic CD Lite (aka com.soa.sega.soniccdlite) application 1.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Sega Sonic Cd Lite 1.0.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »