103 matches found
EUVD-2022-27427
Malicious code in bioql PyPI...
EUVD-2023-38239
Malicious code in bioql PyPI...
EUVD-2023-38228
Malicious code in bioql PyPI...
EUVD-2021-7483
Malicious code in bioql PyPI...
EUVD-2023-38238
Malicious code in bioql PyPI...
EUVD-2023-38233
Malicious code in bioql PyPI...
EUVD-2023-38225
Malicious code in bioql PyPI...
EUVD-2023-38232
Malicious code in bioql PyPI...
EUVD-2021-7493
Malicious code in bioql PyPI...
CVE-2022-22280
Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions...
CVE-2021-20020
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root...
CVE-2021-20030
SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application's binaries and configuration files...
SonicWALL GMS Virtual Appliance ECMPolicy XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of SonicWALL GMS Virtual Appliance. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
GMS ECM multiple vulnerabilities
SonicWall GMS Virtual Appliance, Windows - 9.3.4 and earlier versions are vulnerable to the following security issues.1 CVE-2024-29010 - GMS ECM Policy XML External Entity Processing Information Disclosure Vulnerability.The XML document processed in the GMS ECM endpoint is vulnerable to XML...
PT-2024-22669 · Sonicwall · Gms
Name of the Vulnerable Software and Affected Versions: GMS versions 9.3.4 and earlier Description: The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity XXE injection, potentially resulting in the disclosure of sensitive information. This issue could allow...
Sonicwall
This module exploits a series of vulnerabilities - including auth bypass, SQL injection, and shell injection - to obtain remote code execution on SonicWall GMS versions use exploit/multi/http/sonicwallshellinjectioncve202334124 msf exploitsonicwallshellinjectioncve202334124 show targets...
SonicWALL GMS Virtual Appliance Syslog Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SonicWALL GMS Virtual Appliance. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2023-34133
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SonicWall GMS and Analytics allows an unauthenticated attacker to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics:...
CVE-2023-34131
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics enables an unauthenticated attacker to access restricted web pages. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...
Code injection
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics enables an unauthenticated attacker to access restricted web pages. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...