sonicwall

250 tracked vulnerabilities.

CVE-2024-40763 HIGH
SonicWall SMA100 Firmware < 10.2.1.14-75sv - Authenticated Heap-based Buffer Overflow via strcpy
Dec 05, 2024
CVSS 7.5
EPSS 0.11
CVE-2024-45317 HIGH
SonicWall SMA1000 <= 12.4.3-02676 - Unauthenticated Server-Side Request Forgery
Oct 11, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-45316 HIGH
SonicWall Connect Tunnel <12.4.3.271 - Privilege Escalation
Oct 11, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-45315 MEDIUM
SonicWall Connect Tunnel <12.4.3.271 - Privilege Escalation
Oct 11, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-40766 CRITICAL KEV
SonicWall - Improper Access Control
Aug 23, 2024
CVSS 9.8
EPSS 0.04
CVE-2024-40764 HIGH
SonicOS < 6.5.4.v-21s-rc2457 - Unauthenticated Denial of Service via Heap-based Buffer Overflow
Jul 18, 2024
CVSS 7.5
EPSS 0.10
CVE-2024-29014 HIGH
SonicWall NetExtender < 10.2.341 - Remote Code Execution via EPC Client Update
Jul 18, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-3596 CRITICAL
FreeRADIUS < 3.0.27 - RADIUS Response Forgery via MD5 Chosen-Prefix Collision
Jul 09, 2024
CVSS 9.0
EPSS 0.18
CVE-2024-38475 CRITICAL KEVNUCLEI
Apache HTTP Server < 2.4.60 - Remote Code Execution via mod_rewrite Unsafe Substitution
Jul 01, 2024
CVSS 9.1
EPSS 0.94
CVE-2024-6387 HIGH
OpenSSH - DoS
Jul 01, 2024
CVSS 8.1
EPSS 0.63
CVE-2024-29013 MEDIUM
SonicOS < 7.0.1-5161 - Authenticated Denial of Service via memcpy Heap-based Buffer Overflow
Jun 20, 2024
CVSS 6.5
EPSS 0.02
CVE-2024-29012 HIGH
SonicOS < 7.0.1-5161 - Authenticated Denial of Service via sscanf Buffer Overflow
Jun 20, 2024
CVSS 7.5
EPSS 0.02
CVE-2024-29011 HIGH
SonicWall GMS <= 9.3.4 - Authentication Bypass via Hard-coded Password
May 01, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-29010 HIGH
SonicWall GMS <= 9.3.4 - XML External Entity Injection via ECM URL Endpoint
May 01, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-22398 MEDIUM
SonicWall Email Security Appliance - Path Traversal
Mar 14, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-22397 HIGH
SonicOS < 7.0.1-5145 and < 7.1.1-7047 - Authenticated Stored Cross-Site Scripting in SSLVPN Portal
Mar 14, 2024
CVSS 8.3
EPSS 0.00
CVE-2024-22396 MEDIUM
SonicOS < 7.0.1-5145, < 7.1.1-7047, < 6.5.4.13-105n, < 6.5.4.4-44v-21-2340 - DoS & RCE via IKEv2 Payload
Mar 14, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-22395 MEDIUM
SonicWall SMA 200/210/400/410/500v < 10.2.1.11-65sv Authenticated MFA Bypass
Feb 24, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-22394 CRITICAL
SonicWall SonicOS <7.1.1-7040 - Auth Bypass
Feb 08, 2024
CVSS 9.8
EPSS 0.01
CVE-2023-6340 MEDIUM
SonicWall Capture Client <3.7.10, NetExtender client <10.2.337 - DoS
Jan 18, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-5970 HIGH
SonicWall SMA 200/210/400/410/500v <10.2.1.9-57sv Authenticated MFA Bypass via Username Spoofing
Dec 05, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-44221 HIGH KEV
SonicWall SMA 200/210/400/410/500v Firmware < 10.2.1.9-57sv - Authenticated OS Command Injection
Dec 05, 2023
CVSS 7.2
EPSS 0.23
CVE-2023-44220 HIGH
SonicWall NetExtender < 10.2.336 - DLL Search Order Hijacking in Startup Component
Oct 27, 2023
CVSS 7.3
EPSS 0.00
CVE-2023-44219 HIGH
SonicWall Directory Services Connector < 4.1.22 - Local Privilege Escalation via Recovery Feature
Oct 27, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-41715 HIGH
SonicOS < 7.0.1-5145 - Authenticated Privilege Escalation in SSL VPN Tunnel
Oct 17, 2023
CVSS 8.8
EPSS 0.00
Products
sonicos 68 sma_210_firmware 35 sma_410_firmware 35 global_management_system 32 sma_500v_firmware 32 sma_200_firmware 27 sma_400_firmware 27 sonicosv 19 analytics 17 SonicOS 14 sma_100_firmware 13 email_security 12 analyzer 10 netextender 9 scrutinizer 7 SMA1000 6 global_vpn_client 6 sma6200_firmware 6 sma6210_firmware 6 sma7200_firmware 6 sma7210_firmware 6 sma8200v 6 email_security_appliance_5000_firmware 5 email_security_appliance_5050_firmware 5 email_security_appliance_7000_firmware 5 email_security_appliance_7050_firmware 5 email_security_appliance_9000_firmware 5 sma1000_firmware 5 sma100_firmware 5 Email Security 4
Quick Filters
Critical CVEs With Exploits In CISA KEV