Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-7505

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.02663EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-7504

Malicious code in bioql PyPI...

7.8CVSS8.8AI score0.06782EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:59 p.m.4 views

CVE-2021-20038

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's modcgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware...

9.8CVSS7.8AI score0.99912EPSS
Exploits7References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:5 p.m.6 views

CVE-2021-20041

An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP requests sent to SMA100 /fileshare/sonicfiles/sonicfiles resulting in a loop with unreachable exit condition. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances...

7.8CVSS7AI score0.06782EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:5 p.m.8 views

CVE-2021-20040

A relative path traversal vulnerability in the SMA100 upload funtion allows a remote unauthenticated attacker to upload crafted web pages or files as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances...

7.5CVSS7.1AI score0.25783EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:5 p.m.8 views

CVE-2021-20045

A buffer overflow vulnerability in SMA100 sonicfiles RACCOPYTO RacNumber 36 method allows a remote unauthenticated attacker to potentially execute code as the 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances...

9.8CVSS7.8AI score0.25208EPSS
Exploits0References1
HackRead
HackRead
added 2025/01/27 11:11 a.m.26 views

SonicWall SMA Appliances Exploited in Zero-Day Attacks

Critical security flaw in SonicWall SMA 1000 appliances CVE-2025-23006 exploited as a zero-day. Rated CVSS 9.8, patch immediately…...

9.8CVSS7.1AI score0.23432EPSS
Exploits1
NVD
NVD
added 2021/12/08 10:15 a.m.20 views

CVE-2021-20041

An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP requests sent to SMA100 /fileshare/sonicfiles/sonicfiles resulting in a loop with unreachable exit condition. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances...

7.8CVSS0.06782EPSS
Exploits0References1
OSV
OSV
added 2021/12/08 10:15 a.m.4 views

CVE-2021-20040

A relative path traversal vulnerability in the SMA100 upload funtion allows a remote unauthenticated attacker to upload crafted web pages or files as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances...

7.5CVSS7.3AI score0.25783EPSS
Exploits0References1
Prion
Prion
added 2021/12/08 10:15 a.m.23 views

Path traversal

A relative path traversal vulnerability in the SMA100 upload funtion allows a remote unauthenticated attacker to upload crafted web pages or files as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances...

5CVSS7.6AI score0.25783EPSS
Exploits0References1Affected Software5
Prion
Prion
added 2021/12/08 10:15 a.m.22 views

Design/Logic Flaw

An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP requests sent to SMA100 /fileshare/sonicfiles/sonicfiles resulting in a loop with unreachable exit condition. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances...

7.8CVSS7.5AI score0.06782EPSS
Exploits0References1Affected Software5
Cvelist
Cvelist
added 2021/12/08 9:55 a.m.26 views

CVE-2021-20042

An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances...

9.8AI score0.02663EPSS
Exploits0References1
CVE
CVE
added 2021/12/08 9:55 a.m.60 views

CVE-2021-20041

CVE-2021-20041 affects SonicWall SMA 100 series (SMA 200/210/400/410/500v). The issue is an unauthenticated CPU-exhaustion vulnerability caused by an infinite loop in fileexplorer when parsing certain multi-parameter options, leading to sustained high CPU usage. Affected versions include 9.0.0.11...

7.8CVSS8.5AI score0.06782EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2021/12/08 9:55 a.m.2 views

CVE-2021-20039

Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances...

9.2AI score0.7811EPSS
Exploits5References2
Vulnrichment
Vulnrichment
added 2021/12/08 9:55 a.m.9 views

CVE-2021-20038

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's modcgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware...

8.2AI score0.99912EPSS
Exploits7References3
Rows per page
Query Builder