21 matches found
EUVD-2009-0629
Malware in sbrugna...
EUVD-2012-3867
Malware in sbrugna...
EUVD-2012-3868
Malware in sbrugna...
EUVD-2020-26377
Malware in sbrugna...
EUVD-2024-52036
Malicious code in bioql PyPI...
CVE-2025-32818
A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service DoS condition...
SonicOS SSLVPN NULL Pointer Dereference Denial-of-Service (DoS) Vulnerability
A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service DoS condition. CVE: CVE-2025-32818 Last updated: April 23, 2025, 6:49 p.m...
CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The flaws are listed below -...
CVE-2021-26109
An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution...
CVE-2021-26108
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering...
CVE-2024-36504
An out-of-bounds read vulnerability CWE-125 in FortiOS SSLVPN web portal versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, 7.0 all verisons, and 6.4 all versions may allow an authenticated attacker to perform a denial of service on the SSLVPN web portal via a specially crafted URL...
CVE-2024-36504
CVE-2024-36504 describes an out-of-bounds read (CWE-125) in the FortiOS SSLVPN web portal. An authenticated attacker can cause a denial of service by sending a specially crafted URL. Affected are FortiOS SSLVPN web portal versions: 7.4.0–7.4.4, 7.2.0–7.2.8, 7.0 (all versions), and 6.4 (all versio...
CVE-2024-53704
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication...
CVE-2024-53704
CVE-2024-53704 affects SonicWall SonicOS SSLVPN. An improper authentication vulnerability in the SSLVPN authentication mechanism allows remote attackers to bypass authentication and hijack active VPN sessions. Affected versions include SonicOS SSLVPN 7.1.1-7040 before 7.1.3-7015 and 7.1.2-7019. P...
CVE-2024-40763
Heap-based buffer overflow vulnerability in the SonicWall SMA100 SSLVPN due to the use of strcpy. This allows remote authenticated attackers to cause Heap-based buffer overflow and potentially lead to code execution...
Fortinet Fortigate SSLVPN WEB UI Text injection (FG-IR-24-033)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-033 advisory. - An improper neutralization of special elements in output used by a downstream component 'Injection' vulnerability CWE-74 in...
Fortinet Fortigate Hardcoded SSLVPN cookie encryption key (FG-IR-21-051)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-051 advisory. - A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve...
Fortinet FortiOS Hard-Coded Cryptographic Key (FG-IR-21-051)
The remote host is running a version of FortiOS prior to 5.6.13, 6.0.x prior or equal to 6.0.12, 6.2.x prior or equal to 6.2.8, or 6.4.x prior or equal to 6.4.5, FortiOS-6K7K version prior to 6.2.6 and 6.4.2. It is, therefore, affected by a hard-coded cryptographic key vulnerability in FortiOS...
SonicWALL SonicOS Denial of Service Vulnerability
SonicOS is SonicWALL's proprietary operating system and firmware for SonicWALL firewall appliances. A denial of service vulnerability exists in the SSLVPN service in SonicWALL SonicOS that originates from the release of an invalid pointer, which can be exploited by an attacker to cause the firewa...
SonicWALL SonicOS Cross-Site Scripting Vulnerability
SonicOS is SonicWALL's proprietary operating system and firmware for SonicWALL firewall appliances. A stored cross-site scripting vulnerability exists in the SSLVPN web interface of SonicWALL SonicOS, which can be exploited by a remote, unauthenticated attacker to store and execute arbitrary...