34 matches found
SonicWall SMA100 Series 安全漏洞
SonicWall SMA100 Series is a security gateway appliance from SonicWall, Inc. A security vulnerability exists in the SonicWall SMA100 Series that stems from the potential exposure of sensitive information in log files, which could result in a remote authenticated administrator viewing some user...
VulnCheck KEV: CVE-2022-1703
Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vulnerability or denial of service DoS attack...
EUVD-2025-22457
Malicious code in bioql PyPI...
EUVD-2021-7513
Malicious code in bioql PyPI...
EUVD-2025-22454
Malicious code in bioql PyPI...
CVE-2025-40596
A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution...
CVE-2025-40598
A Reflected cross-site scripting XSS vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code...
CVE-2025-40597
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution...
CVE-2025-40596
A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution...
CVE-2025-40598
A Reflected cross-site scripting XSS vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code...
CVE-2025-40597
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution...
CVE-2025-40596
A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution...
CVE-2025-40598
The SMA100 series web interface is affected by three CVEs (CVE-2025-40598, CVE-2025-40597, CVE-2025-40596). CVE-2025-40598: Reflected XSS in the SMA100 web UI enables remote, unauthenticated attackers to potentially execute arbitrary JavaScript. CVE-2025-40597: Heap-based buffer overflow in the S...
CVE-2025-40598
A Reflected cross-site scripting XSS vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code...
CVE-2025-40597
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution...
CVE-2025-40597
A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution...
CVE-2025-40596
CVE-2025-40596 affects SonicWall SMA100 series Web Interface: a stack-based buffer overflow in the SMA100 web UI can be triggered remotely (no auth) and may cause DoS or, per the description, potentially enable code execution. The available sources confirm the vulnerability class and impact vecto...
CVE-2025-40596
A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution...
CVE-2025-40596
A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution...
PT-2025-30593
Name of the Vulnerable Software and Affected Versions SMA100 series affected versions not specified Description A heap-based buffer overflow exists in the web interface. This allows a remote, unauthenticated attacker to cause a Denial of Service DoS or potentially achieve code execution...