Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonic vulnerabilities and exploits
(subscribe to this query)
940
VMScore
CVE-2009-1815
Stack-based buffer overflow in Sonic Spot Audioactive Player 1.93b allows remote malicious users to execute arbitrary code via a long string in a playlist file, as demonstrated by a long .mp3 URL in a .m3u file.
Sonicspot Audioactive Player 1.93b
2 EDB exploits
755
VMScore
CVE-2010-4987
SQL injection vulnerability in default.asp in KMSoft Guestbook (aka GBook) allows remote malicious users to execute arbitrary SQL commands via the p parameter.
Kmsoft Guestbook -
1 EDB exploit
481
VMScore
CVE-2014-5696
The Sonic 4 Episode II LITE (aka com.sega.sonic4ep2lite) application 2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Sega Sonic 4 Episode Ii Lite 2.3
481
VMScore
CVE-2014-5705
The Sonic CD Lite (aka com.soa.sega.soniccdlite) application 1.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Sega Sonic Cd Lite 1.0.4
445
VMScore
CVE-2019-12968
A vulnerability was found in the Sonic Robo Blast 2 (SRB2) plugin (EP_Versions 9 to 11 inclusive) distributed with Doomseeker 1.1 and 1.2. Affected plugin versions did not discard IP packets with an unnaturally long response length from a Sonic Robo Blast 2 master server, allowin...
Drdteam Doomseeker 1.2
Drdteam Doomseeker 1.1
356
VMScore
CVE-2021-36309
Dell Enterprise SONiC OS, versions 3.3.0 and previous versions, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius credentials stored to read sensitive information and use it in further at...
Dell Enterprise Sonic Os
NA
CVE-2024-31961
A SQL injection vulnerability in unit.php in Sonic Shopfloor.guide prior to 3.1.3 allows remote malicious users to execute arbitrary SQL commands via the level2 parameter.
NA
CVE-2024-21418
Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
1 Article
NA
CVE-2023-32484
Dell Networking Switches running Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4 and below contains an improper input validation vulnerability. A remote unauthenticated malicious user may exploit this vulnerability and escalate privileges up to the highest administrative level. Th...
NA
CVE-2023-24574
Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to uncontrolled resource consumptio...
Dell Enterprise Sonic Distribution
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »