Vulnerabilities > Sonicwall
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-12 | CVE-2020-5138 | Out-of-bounds Write vulnerability in Sonicwall Sonicos and Sonicosv A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. | 7.5 |
| 2020-10-12 | CVE-2020-5137 | Classic Buffer Overflow vulnerability in Sonicwall Sonicos and Sonicosv A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. | 7.5 |
| 2020-10-12 | CVE-2020-5136 | Classic Buffer Overflow vulnerability in Sonicwall Sonicos and Sonicosv A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service (DoS) in the SSL-VPN and virtual assist portal, which leads to a firewall crash. | 6.5 |
| 2020-10-12 | CVE-2020-5135 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sonicwall Sonicos and Sonicosv A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. | 9.8 |
| 2020-10-12 | CVE-2020-5134 | Out-of-bounds Read vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. | 6.5 |
| 2020-10-12 | CVE-2020-5133 | Classic Buffer Overflow vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. | 7.5 |
| 2020-09-30 | CVE-2020-5132 | Unspecified vulnerability in Sonicwall Sma100 Firmware and Sonicos SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. | 5.3 |
| 2020-07-17 | CVE-2020-5131 | Improper Input Validation vulnerability in Sonicwall Netextender SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. | 7.8 |
| 2020-07-17 | CVE-2020-5130 | Improper Input Validation vulnerability in Sonicwall Sonicos SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. | 5.3 |
| 2020-03-26 | CVE-2020-5129 | HTTP Request Smuggling vulnerability in Sonicwall Sma1000 Firmware 12.1.006411 A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. | 7.5 |