Vulnerabilities > Sonicwall > Sonicos > 6.2.9.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-02 | CVE-2023-1101 | Improper Restriction of Excessive Authentication Attempts vulnerability in Sonicwall Sonicos SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes. | 8.8 |
| 2022-03-25 | CVE-2022-22274 | Out-of-bounds Write vulnerability in Sonicwall Sonicos A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall. | 7.5 |
| 2022-01-10 | CVE-2021-20046 | Out-of-bounds Write vulnerability in Sonicwall Sonicos A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. | 6.5 |
| 2022-01-10 | CVE-2021-20048 | Out-of-bounds Write vulnerability in Sonicwall Sonicos A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. | 6.5 |
| 2021-10-12 | CVE-2021-20031 | Open Redirect vulnerability in Sonicwall Sonicos A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains. | 5.8 |
| 2021-06-14 | CVE-2021-20027 | Classic Buffer Overflow vulnerability in Sonicwall Sonicos A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. | 5.0 |
| 2021-03-25 | CVE-2021-3450 | Improper Certificate Validation vulnerability in multiple products The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. | 7.4 |
| 2020-07-17 | CVE-2020-5130 | Improper Input Validation vulnerability in Sonicwall Sonicos SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. | 5.0 |
| 2019-12-19 | CVE-2019-7487 | Unquoted Search Path or Element vulnerability in Sonicwall Sonicos and Sonicos Sslvpn Nacagent Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution. | 4.6 |
| 2019-08-09 | CVE-2019-12261 | Classic Buffer Overflow vulnerability in multiple products Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). | 7.5 |