Vulnerabilities > Sonicwall > Sonicos > 5.0.0.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-12 | CVE-2020-5140 | Out-of-bounds Read vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. | 5.0 |
| 2020-10-12 | CVE-2020-5139 | Release of Invalid Pointer or Reference vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. | 5.0 |
| 2020-10-12 | CVE-2020-5138 | Out-of-bounds Write vulnerability in Sonicwall Sonicos and Sonicosv A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. | 5.0 |
| 2020-10-12 | CVE-2020-5137 | Classic Buffer Overflow vulnerability in Sonicwall Sonicos and Sonicosv A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. | 5.0 |
| 2020-10-12 | CVE-2020-5136 | Classic Buffer Overflow vulnerability in Sonicwall Sonicos and Sonicosv A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service (DoS) in the SSL-VPN and virtual assist portal, which leads to a firewall crash. | 4.0 |
| 2020-10-12 | CVE-2020-5135 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sonicwall Sonicos and Sonicosv A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. | 7.5 |
| 2020-10-12 | CVE-2020-5134 | Out-of-bounds Read vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. | 4.0 |
| 2020-07-17 | CVE-2020-5130 | Improper Input Validation vulnerability in Sonicwall Sonicos SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. | 5.0 |
| 2019-12-31 | CVE-2019-7479 | Improper Privilege Management vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. | 6.5 |
| 2019-12-19 | CVE-2019-7487 | Unquoted Search Path or Element vulnerability in Sonicwall Sonicos and Sonicos Sslvpn Nacagent Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution. | 4.6 |