Vulnerabilities > Sonicwall > Sonicosv
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-25 | CVE-2022-22274 | Out-of-bounds Write vulnerability in Sonicwall Sonicos A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall. | 7.5 |
| 2021-06-23 | CVE-2021-20019 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability. | 5.0 |
| 2020-10-12 | CVE-2020-5143 | Information Exposure Through Discrepancy vulnerability in Sonicwall Sonicos and Sonicosv SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. | 5.0 |
| 2020-10-12 | CVE-2020-5142 | Cross-site Scripting vulnerability in Sonicwall Sonicos and Sonicosv A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. | 4.3 |
| 2020-10-12 | CVE-2020-5141 | Improper Restriction of Excessive Authentication Attempts vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. | 6.4 |
| 2020-10-12 | CVE-2020-5140 | Out-of-bounds Read vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. | 5.0 |
| 2020-10-12 | CVE-2020-5139 | Release of Invalid Pointer or Reference vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. | 5.0 |
| 2020-10-12 | CVE-2020-5138 | Out-of-bounds Write vulnerability in Sonicwall Sonicos and Sonicosv A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. | 5.0 |
| 2020-10-12 | CVE-2020-5137 | Classic Buffer Overflow vulnerability in Sonicwall Sonicos and Sonicosv A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. | 5.0 |
| 2020-10-12 | CVE-2020-5136 | Classic Buffer Overflow vulnerability in Sonicwall Sonicos and Sonicosv A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service (DoS) in the SSL-VPN and virtual assist portal, which leads to a firewall crash. | 4.0 |