Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield stormshield network security vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-23989
In Stormshield Network Security (SNS) prior to 3.7.25, 3.8.x up to and including 3.11.x prior to 3.11.13, 4.x prior to 4.2.10, and 4.3.x prior to 4.3.5, a flood of connections to the SSLVPN service might lead to saturation of the loopback interface. This could result in the block...
Stormshield Network Security
7.5
CVSSv3
CVE-2021-45885
An issue exists in Stormshield Network Security (SNS) 4.2.2 up to and including 4.2.7 (fixed in 4.2.8). Under a specific update-migration scenario, the first SSH password change does not properly clear the old password.
Stormshield Network Security
7.5
CVSSv3
CVE-2021-28665
Stormshield SNS with versions prior to 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.
Stormshield Network Security
7.5
CVSSv3
CVE-2022-30279
An issue exists in Stormshield Network Security (SNS) 4.3.x prior to 4.3.8. The event logging of the ASQ sofbus lacbus plugin triggers the dereferencing of a NULL pointer, leading to a crash of SNS. An attacker could exploit this vulnerability via forged sofbus lacbus traffic to ...
Stormshield Network Security
7.5
CVSSv3
CVE-2023-47091
An issue exists in Stormshield Network Security (SNS) SNS 4.3.13 up to and including 4.3.22 prior to 4.3.23, SNS 4.6.0 up to and including 4.6.9 prior to 4.6.10, and SNS 4.7.0 up to and including 4.7.1 prior to 4.7.2. An attacker can overflow the cookie threshold, making an IPsec...
Stormshield Network Security
7.5
CVSSv3
CVE-2022-27812
Flooding SNS firewall versions 3.7.0 to 3.7.29, 3.11.0 to 3.11.17, 4.2.0 to 4.2.10, and 4.3.0 to 4.3.6 with specific forged traffic, can lead to SNS DoS.
Stormshield Network Security
5.5
CVSSv3
CVE-2021-27506
The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.1...
Stormshield Network Security
Netasq Project Netasq
Clamav Clamav
7.5
CVSSv3
CVE-2023-0215
The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receive...
Openssl Openssl
Stormshield Stormshield Management Center
1 Github repository
7.5
CVSSv3
CVE-2022-40617
strongSwan prior to 5.9.8 allows remote malicious users to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn'...
Strongswan Strongswan
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 22.04
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 37
Stormshield Stormshield Network Security
7.8
CVSSv3
CVE-2021-27932
Stormshield Network Security (SNS) VPN SSL Client 2.1.0 up to and including 2.8.0 has Insecure Permissions.
Stormshield Ssl Vpn Client
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »