Vulnerabilities > Sonicwall
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-09 | CVE-2019-12257 | Classic Buffer Overflow vulnerability in multiple products Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. | 8.8 |
| 2019-08-09 | CVE-2019-12256 | Classic Buffer Overflow vulnerability in multiple products Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. | 9.8 |
| 2019-04-26 | CVE-2019-7476 | Insecure Default Initialization of Resource vulnerability in Sonicwall Global Management System A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access to the appliance using existing SSH key. | 8.1 |
| 2019-04-02 | CVE-2019-7477 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. | 7.5 |
| 2019-04-02 | CVE-2019-7475 | Unspecified vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. | 9.8 |
| 2019-04-02 | CVE-2019-7474 | Improper Handling of Exceptional Conditions vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. | 6.5 |
| 2019-02-19 | CVE-2018-9867 | Incorrect Permission Assignment for Critical Resource vulnerability in Sonicwall Sonicos and Sonicosv In SonicWall SonicOS, administrators without full permissions can download imported certificates. | 5.5 |
| 2018-08-03 | CVE-2018-9866 | Improper Input Validation vulnerability in Sonicwall Global Management System A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance's, allow remote user to execute arbitrary code. | 9.8 |
| 2018-05-22 | CVE-2018-3639 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | 5.5 |
| 2018-01-14 | CVE-2018-5691 | Cross-site Scripting vulnerability in Sonicwall Analyzer and Global Management System SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module. | 5.4 |