Product:

Sonicos

(Sonicwall)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 55
Date Id Summary Products Score Patch Annotated
2019-08-09 CVE-2019-12258 Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options. Garrettcom_magnum_dx940e_firmware, Hirschmann_hios, E\-Series_santricity_os_controller, Power_meter_9410_firmware, Power_meter_9810_firmware, Ruggedcom_win7000_firmware, Ruggedcom_win7018_firmware, Ruggedcom_win7025_firmware, Ruggedcom_win7200_firmware, Siprotec_5_firmware, Sonicos, Vxworks 7.5
2019-08-09 CVE-2019-12260 Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option. Garrettcom_magnum_dx940e_firmware, Hirschmann_hios, E\-Series_santricity_os_controller, Communications_eagle, Power_meter_9410_firmware, Power_meter_9810_firmware, Ruggedcom_win7000_firmware, Ruggedcom_win7018_firmware, Ruggedcom_win7025_firmware, Ruggedcom_win7200_firmware, Siprotec_5_firmware, Sonicos, Vxworks 9.8
2019-08-09 CVE-2019-12261 Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host. Garrettcom_magnum_dx940e_firmware, Hirschmann_hios, E\-Series_santricity_os_controller, Communications_eagle, Power_meter_9410_firmware, Power_meter_9810_firmware, Ruggedcom_win7000_firmware, Ruggedcom_win7018_firmware, Ruggedcom_win7025_firmware, Ruggedcom_win7200_firmware, Siprotec_5_firmware, Sonicos, Vxworks 9.8
2021-06-23 CVE-2021-20019 A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability. Sonicos, Sonicosv 7.5
2018-01-08 CVE-2018-5280 SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens. Sonicos 5.4
2018-01-08 CVE-2018-5281 SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices has XSS via the CFS Custom Category and Cloud AV DB Exclusion Settings screens. Sonicos 5.4
2019-08-09 CVE-2019-12259 Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. Garrettcom_magnum_dx940e_firmware, Hirschmann_hios, 9410_power_meter_firmware, 9810_power_meter_firmware, Ruggedcom_win7000_firmware, Ruggedcom_win7018_firmware, Ruggedcom_win7025_firmware, Ruggedcom_win7200_firmware, Siprotec_5_firmware, Sonicos, Vxworks 7.5
2019-02-19 CVE-2018-9867 In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv... Sonicos, Sonicosv 5.5
2022-04-27 CVE-2022-22275 Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable. Sonicos 7.5
2022-03-25 CVE-2022-22274 A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall. Sonicos, Sonicosv 9.8