Vulnerabilities > Sonicwall > Sonicos
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-09 | CVE-2019-12265 | Memory Leak vulnerability in multiple products Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. | 5.0 |
2019-08-09 | CVE-2019-12263 | Out-of-bounds Write vulnerability in multiple products Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). | 6.8 |
2019-08-09 | CVE-2019-12259 | NULL Pointer Dereference vulnerability in multiple products Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. | 5.0 |
2019-08-09 | CVE-2019-12257 | Classic Buffer Overflow vulnerability in multiple products Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. | 5.8 |
2019-08-09 | CVE-2019-12256 | Classic Buffer Overflow vulnerability in multiple products Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. | 7.5 |
2019-04-02 | CVE-2019-7477 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. | 5.0 |
2019-04-02 | CVE-2019-7475 | Improper Access Control vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. | 7.5 |
2019-04-02 | CVE-2019-7474 | Improper Access Control vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. | 4.0 |
2019-02-19 | CVE-2018-9867 | Incorrect Permission Assignment for Critical Resource vulnerability in Sonicwall Sonicos and Sonicosv In SonicWall SonicOS, administrators without full permissions can download imported certificates. | 2.1 |
2018-01-08 | CVE-2018-5281 | Cross-site Scripting vulnerability in Sonicwall Sonicos SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices has XSS via the CFS Custom Category and Cloud AV DB Exclusion Settings screens. | 3.5 |