Vulnerabilities > Sonicwall
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-11-05 | CVE-2007-5603 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sonicwall SSL VPN Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry method. | 9.3 |
| 2005-05-02 | CVE-2005-1006 | Cross-site Scripting vulnerability in Sonicwall Soho Firmware 5.1.7.0 Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file. | 4.3 |
| 2003-12-31 | CVE-2003-1490 | Improper Input Validation vulnerability in Sonicwall Pro100, Pro200 and Pro300 SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow. | 7.8 |
| 2003-12-31 | CVE-2003-1320 | Resource Management Errors vulnerability in Sonicwall Firmware SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload. | 5.1 |
| 2002-12-31 | CVE-2002-2341 | Cross-Site Scripting vulnerability in Sonicwall Soho3 6.3.0.0 Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL. | 4.3 |
| 2002-12-31 | CVE-2002-2181 | Unspecified vulnerability in Sonicwall Content Filtering SonicWall Content Filtering allows local users to access prohibited web sites via requests to the web site's IP address instead of the domain name. | 5.0 |
| 2001-07-25 | CVE-2001-1104 | Unspecified vulnerability in Sonicwall Soho Firmware 4.0.0/5.0.0/5.1.5.0 SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions. | 7.5 |
| 2001-06-18 | CVE-2001-0376 | Remote Security vulnerability in Tele2 SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. | 7.5 |
| 2001-01-09 | CVE-2000-1098 | Unspecified vulnerability in Sonicwall Soho Firewall 4.0.0/5.0.0 The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request. | 5.0 |
| 2001-01-09 | CVE-2000-1097 | Unspecified vulnerability in Sonicwall Soho Firewall 4.0.0/5.0.0 The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page. | 5.0 |