Vulnerabilities > Sonicwall > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-08-09 CVE-2019-12261 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4).
network
low complexity
windriver sonicwall siemens netapp oracle belden CWE-120
critical
 9.8
9.8
2019-08-09 CVE-2019-12260 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4).
network
low complexity
windriver sonicwall siemens netapp oracle belden CWE-120
critical
 9.8
9.8
2019-08-09 CVE-2019-12255 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4).
network
low complexity
windriver netapp sonicwall siemens belden CWE-120
critical
 9.8
9.8
2019-08-09 CVE-2019-12256 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component.
network
low complexity
windriver netapp sonicwall siemens belden CWE-120
critical
 9.8
9.8
2019-04-02 CVE-2019-7475 Unspecified vulnerability in Sonicwall Sonicos and Sonicosv
A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services.
network
low complexity
sonicwall
critical
 9.8
9.8
2018-08-03 CVE-2018-9866 Improper Input Validation vulnerability in Sonicwall Global Management System
A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance's, allow remote user to execute arbitrary code.
network
low complexity
sonicwall CWE-20
critical
 9.8
9.8
2016-02-17 CVE-2016-2397 Command Injection vulnerability in Sonicwall products
The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data.
network
low complexity
sonicwall CWE-77
critical
 9.8
9.8
2016-02-17 CVE-2016-2396 Command Injection vulnerability in Sonicwall products
The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input.
network
low complexity
sonicwall CWE-77
critical
 9.9
9.9