Vulnerabilities > Stormshield > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-26 | CVE-2023-28616 | Cleartext Transmission of Sensitive Information vulnerability in Stormshield Network Security An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. | 7.5 |
2023-12-25 | CVE-2023-47091 | Classic Buffer Overflow vulnerability in Stormshield Network Security An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. | 7.5 |
2023-08-28 | CVE-2023-26095 | Unspecified vulnerability in Stormshield Network Security ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet. | 7.5 |
2023-08-25 | CVE-2021-27932 | Unspecified vulnerability in Stormshield SSL VPN Client 2.1.0/3.0.0 Stormshield Network Security (SNS) VPN SSL Client 2.1.0 through 2.8.0 has Insecure Permissions. | 7.8 |
2023-08-05 | CVE-2022-46782 | Unspecified vulnerability in Stormshield SSL VPN Client An issue was discovered in Stormshield SSL VPN Client before 3.2.0. | 7.8 |
2023-02-08 | CVE-2022-4450 | Double Free vulnerability in multiple products The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. | 7.5 |
2023-02-08 | CVE-2023-0215 | Use After Free vulnerability in multiple products The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. | 7.5 |
2023-02-08 | CVE-2023-0216 | NULL Pointer Dereference vulnerability in multiple products An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. | 7.5 |
2023-02-08 | CVE-2023-0286 | Type Confusion vulnerability in multiple products There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. | 7.4 |
2023-02-08 | CVE-2023-0401 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. | 7.5 |