Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-0629

Malware in sbrugna...

7.8CVSS6.2AI score0.01966EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2012-3867

Malware in sbrugna...

3.5CVSS6.4AI score0.00856EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-3868

Malware in sbrugna...

3.5CVSS6.4AI score0.00856EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-26377

Malware in sbrugna...

5.3CVSS5.6AI score0.01251EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-52036

Malicious code in bioql PyPI...

8.1CVSS9.1AI score0.12713EPSS
Exploits0References1
NVD
NVD
added 2025/04/23 8:15 p.m.9 views

CVE-2025-32818

A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service DoS condition...

7.5CVSS0.00786EPSS
Exploits0References1
SonicWall
SonicWall
added 2025/04/23 6:49 p.m.19 views

SonicOS SSLVPN NULL Pointer Dereference Denial-of-Service (DoS) Vulnerability

A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service DoS condition. CVE: CVE-2025-32818 Last updated: April 23, 2025, 6:49 p.m...

7.5CVSS6.8AI score0.00786EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/02/19 4:48 a.m.29 views

CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The flaws are listed below -...

5.9CVSS8.6AI score0.98338EPSS
Exploits22
RedhatCVE
RedhatCVE
added 2025/02/06 3:47 a.m.7 views

CVE-2021-26109

An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution...

9.8CVSS7.6AI score0.01823EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 3:40 a.m.8 views

CVE-2021-26108

A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering...

7.5CVSS6.6AI score0.01042EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/14 2:9 p.m.18 views

CVE-2024-36504

An out-of-bounds read vulnerability CWE-125 in FortiOS SSLVPN web portal versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, 7.0 all verisons, and 6.4 all versions may allow an authenticated attacker to perform a denial of service on the SSLVPN web portal via a specially crafted URL...

6.5CVSS0.00691EPSS
Exploits0References1
CVE
CVE
added 2025/01/14 2:9 p.m.70 views

CVE-2024-36504

CVE-2024-36504 describes an out-of-bounds read (CWE-125) in the FortiOS SSLVPN web portal. An authenticated attacker can cause a denial of service by sending a specially crafted URL. Affected are FortiOS SSLVPN web portal versions: 7.4.0–7.4.4, 7.2.0–7.2.8, 7.0 (all versions), and 6.4 (all versio...

6.5CVSS6.2AI score0.00691EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/09 6:52 a.m.21 views

CVE-2024-53704

An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication...

7.2AI score0.95132EPSS
Exploits0References1
CVE
CVE
added 2025/01/09 6:52 a.m.262 views

CVE-2024-53704

CVE-2024-53704 affects SonicWall SonicOS SSLVPN. An improper authentication vulnerability in the SSLVPN authentication mechanism allows remote attackers to bypass authentication and hijack active VPN sessions. Affected versions include SonicOS SSLVPN 7.1.1-7040 before 7.1.3-7015 and 7.1.2-7019. P...

9.8CVSS7.3AI score0.95132EPSS
In wildExploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/05 1:39 p.m.17 views

CVE-2024-40763

Heap-based buffer overflow vulnerability in the SonicWall SMA100 SSLVPN due to the use of strcpy. This allows remote authenticated attackers to cause Heap-based buffer overflow and potentially lead to code execution...

7.5AI score0.0095EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/11/12 12:0 a.m.13 views

Fortinet Fortigate SSLVPN WEB UI Text injection (FG-IR-24-033)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-033 advisory. - An improper neutralization of special elements in output used by a downstream component 'Injection' vulnerability CWE-74 in...

4.3CVSS5.6AI score0.00557EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/26 12:0 a.m.12 views

Fortinet Fortigate Hardcoded SSLVPN cookie encryption key (FG-IR-21-051)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-051 advisory. - A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve...

7.5CVSS7.3AI score0.01042EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/01/14 12:0 a.m.48 views

Fortinet FortiOS Hard-Coded Cryptographic Key (FG-IR-21-051)

The remote host is running a version of FortiOS prior to 5.6.13, 6.0.x prior or equal to 6.0.12, 6.2.x prior or equal to 6.2.8, or 6.4.x prior or equal to 6.4.5, FortiOS-6K7K version prior to 6.2.6 and 6.4.2. It is, therefore, affected by a hard-coded cryptographic key vulnerability in FortiOS...

7.5CVSS7.3AI score0.01042EPSS
Exploits0References2
CNVD
CNVD
added 2020/10/13 12:0 a.m.9 views

SonicWALL SonicOS Denial of Service Vulnerability

SonicOS is SonicWALL's proprietary operating system and firmware for SonicWALL firewall appliances. A denial of service vulnerability exists in the SSLVPN service in SonicWALL SonicOS that originates from the release of an invalid pointer, which can be exploited by an attacker to cause the firewa...

7.5CVSS6.8AI score0.01742EPSS
Exploits0References1
CNVD
CNVD
added 2020/10/13 12:0 a.m.11 views

SonicWALL SonicOS Cross-Site Scripting Vulnerability

SonicOS is SonicWALL's proprietary operating system and firmware for SonicWALL firewall appliances. A stored cross-site scripting vulnerability exists in the SSLVPN web interface of SonicWALL SonicOS, which can be exploited by a remote, unauthenticated attacker to store and execute arbitrary...

6.1CVSS6.5AI score0.01063EPSS
Exploits0References1
Rows per page
Query Builder