Vulnerabilities > Stormshield > Stormshield Network Security > 4.0.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-21 | CVE-2023-47093 | Unspecified vulnerability in Stormshield Network Security An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.21, 4.4.0 through 4.6.8, and 4.7.0. low complexity stormshield | 6.5 |
| 2023-02-08 | CVE-2022-4304 | Information Exposure Through Discrepancy vulnerability in multiple products A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. | 5.9 |
| 2023-02-08 | CVE-2022-4450 | Double Free vulnerability in multiple products The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. | 7.5 |
| 2023-02-08 | CVE-2023-0286 | Type Confusion vulnerability in multiple products There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. | 7.4 |
| 2021-11-11 | CVE-2002-20001 | Resource Exhaustion vulnerability in multiple products The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. | 7.5 |