Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sonicos
(Sonicwall)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 51 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-03-25 | CVE-2021-3450 | The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten.... | Fedora, Freebsd, Web_gateway, Web_gateway_cloud_service, Cloud_volumes_ontap_mediator, Oncommand_workflow_automation, Ontap_select_deploy_administration_utility, Santricity_smi\-S_provider_firmware, Storagegrid, Storagegrid_firmware, Node\.js, Openssl, Commerce_guided_search, Enterprise_manager_for_storage_management, Graalvm, Jd_edwards_enterpriseone_tools, Jd_edwards_world_security, Mysql_connectors, Mysql_enterprise_monitor, Mysql_server, Mysql_workbench, Peoplesoft_enterprise_peopletools, Secure_backup, Secure_global_desktop, Weblogic_server, Capture_client, Email_security, Sma100_firmware, Sonicos, Nessus, Nessus_agent, Nessus_network_monitor, Linux | 7.4 | ||
| 2023-10-17 | CVE-2023-39276 | SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash. | Sonicos | 6.5 | ||
| 2023-10-17 | CVE-2023-39277 | SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash. | Sonicos | 6.5 | ||
| 2023-10-17 | CVE-2023-41711 | SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash. | Sonicos | 6.5 | ||
| 2023-10-17 | CVE-2023-39278 | SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash. | Sonicos | 6.5 | ||
| 2023-10-17 | CVE-2023-39279 | SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash. | Sonicos | 6.5 | ||
| 2023-10-17 | CVE-2023-39280 | SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash. | Sonicos | 6.5 | ||
| 2023-10-17 | CVE-2023-41713 | SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function. | Sonicos | 7.5 | ||
| 2023-10-17 | CVE-2023-41712 | SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash. | Sonicos | 6.5 | ||
| 2023-10-17 | CVE-2023-41715 | SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel. | Sonicos | 8.8 |