Vulnerabilities > Sonicwall > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-18 | CVE-2023-6340 | Out-of-bounds Write vulnerability in Sonicwall Capture Client and Netextender SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. | 5.5 |
| 2023-10-17 | CVE-2023-39276 | Out-of-bounds Write vulnerability in Sonicwall Sonicos SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash. | 6.5 |
| 2023-10-17 | CVE-2023-39277 | Out-of-bounds Write vulnerability in Sonicwall Sonicos SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash. | 6.5 |
| 2023-10-17 | CVE-2023-39278 | Out-of-bounds Write vulnerability in Sonicwall Sonicos SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash. | 6.5 |
| 2023-10-17 | CVE-2023-39279 | Out-of-bounds Write vulnerability in Sonicwall Sonicos SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash. | 6.5 |
| 2023-10-17 | CVE-2023-39280 | Out-of-bounds Write vulnerability in Sonicwall Sonicos SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash. | 6.5 |
| 2023-10-17 | CVE-2023-41711 | Out-of-bounds Write vulnerability in Sonicwall Sonicos SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash. | 6.5 |
| 2023-10-17 | CVE-2023-41712 | Out-of-bounds Write vulnerability in Sonicwall Sonicos SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash. | 6.5 |
| 2023-07-13 | CVE-2023-34131 | Unspecified vulnerability in Sonicwall Analytics and Global Management System Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics enables an unauthenticated attacker to access restricted web pages. | 5.3 |
| 2023-07-13 | CVE-2023-34134 | Unspecified vulnerability in Sonicwall Analytics and Global Management System Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator password hash via a web service call. | 6.5 |