32 matches found
EUVD-2020-26388
Malware in sbrugna...
EUVD-2021-7511
Malicious code in bioql PyPI...
SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported
SonicWall said it's actively investigating reports to determine if there is a new zero-day vulnerability following reports of a spike in Akira ransomware actors in late July 2025. "Over the past 72 hours, there has been a notable increase in both internally and externally reported cyber incidents...
CVE-2024-50107
In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounmap address range checks") introduces a WARN when address ranges of iounmap are invalid. On Thinkpad P1 G...
CVE-2024-50107 platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses
In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounmap address range checks") introduces a WARN when address ranges of iounmap are invalid. On Thinkpad P1 G...
CVE-2024-40766: Critical Improper Access Control Vulnerability Affecting SonicWall Devices
On August 22, 2024, security firm SonicWall published an advisory on CVE-2024-40766, a critical improper access control vulnerability affecting SonicOS, the operating system that runs on the company’s physical and virtual firewalls. While CVE-2024-40766 was not known to be exploited in the wild a...
SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access
SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access contr...
CVE-2024-40766
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7...
CVE-2024-40766
CVE-2024-40766 affects SonicWall SonicOS on Gen5/Gen6 and Gen7 (SonicOS ≤ 7.0.1-5035) with improper access control in management access and SSLVPN, enabling unauthorized resource access and, in some cases, a firewall crash. Public sources confirm exploitation activity in the wild (CISA KEV catalo...
SonicOS Improper Access Control Vulnerability
An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Gen 5 and Gen 6 devices, as well as Gen 7...
CVE-2021-20048
A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions...
CVE-2021-20046
A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions...
Stack overflow
A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions...
Stack overflow
A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions...
SonicWall SonicOS Buffer Overflow (SNWLID-2021-0006)
According to its self-reported version, the remote SonicWall firewall is running a version of SonicOS that is affected by a buffer overflow vulnerability. A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted unauthenticated HTTP request. This can...
SonicWall SonicOS Buffer Overflow Vulnerability
According to its self-reported version, the remote SonicWall firewall is running a version of SonicOS that is affected by a buffer overflow vulnerability, allowing a remote attacker to cause Denial of Service (DoS), and potentially execute arbitrary code by sending a malicious request to the...
CVE-2020-5143
SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and G...
CVE-2020-5134
A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0...