Lucene search
K
StormshieldStormshield Network Security

34 matches found

CVE
CVE
added 2023/02/08 7:1 p.m.1366 views

CVE-2023-0286

CVE-2023-0286 is a type-confusion bug in OpenSSL related to X.400 address processing inside X.509 GeneralName. The public GENERAL_NAME.x400Address was defined as ASN1_TYPE instead of ASN1_STRING, causing GeneralName_cmp to treat it as a pointer, which under CRL_CHECK can allow an attacker to pass...

7.4CVSS7.7AI score0.59501EPSS
CVE
CVE
added 2022/08/05 12:0 a.m.1223 views

CVE-2022-37434

CVE-2022-37434 describes a heap-based buffer over-read/overflow in zlib’s inflate() (inflate.c) when handling a large gzip header extra field. The vulnerability is limited to code paths that call inflateGetHeader, and is fixed in subsequent zlib revisions. Connected advisories indicate affected e...

9.8CVSS9.9AI score0.1593EPSS
CVE
CVE
added 2023/02/08 7:4 p.m.925 views

CVE-2022-4304

CVE-2022-4304 describes a timing-based side‑channel in OpenSSL’s RSA decryption implementation that could allow recovering plaintext over the network via a Bleichenbacher‑style attack. It affects all RSA padding modes (PKCS#1 v1.5, RSA‑OAEP, and RSASVE). The connected Astra Linux bulletin reprodu...

5.9CVSS6.9AI score0.16195EPSS
CVE
CVE
added 2023/02/08 7:4 p.m.895 views

CVE-2022-4450

Summary (CVE-2022-4450): OpenSSL’s PEM_read_bio_ex() and wrappers PEM_read_bio()/PEM_read() are vulnerable. If a PEM file is crafted to trigger a 0-byte payload, PEM_read_bio_ex() may return a failure while its header buffer has already been freed; freeing that buffer again can cause a use-after-...

7.5CVSS8AI score0.20444EPSS
CVE
CVE
added 2021/11/11 12:0 a.m.401 views

CVE-2002-20001

CVE-2002-20001 describes a Diffie-Hellman key exchange weakness where a remote attacker (from the client side) can send non-public values to induce expensive server-side DHE modular-exponentiation, potentially impacting availability. The description specifies that the attack is most disruptive wh...

7.5CVSS7.3AI score0.23061EPSS
CVE
CVE
added 2023/02/16 3:26 p.m.216 views

CVE-2023-20052

CVE-2023-20052 affects ClamAV DMG file parser in versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. An unauthenticated attacker could exploit XML external entity substitution to cause an information leak by submitting a crafted DMG file to be scanned, potentially leaking by...

5.3CVSS6AI score0.06675EPSS
CVE
CVE
added 2022/10/31 12:0 a.m.179 views

CVE-2022-40617

strongSwan before 5.9.8 is affected by a denial-of-service in the revocation plugin when processing a crafted end-entity certificate containing a CRL/OCSP URL pointing to an attacker‑controlled server that does not respond or misbehaves. This is documented across multiple advisories (Linux distri...

7.5CVSS7.1AI score0.01634EPSS
CVE
CVE
added 2023/02/16 3:24 p.m.179 views

CVE-2023-20032

CVE-2023-20032 affects ClamAV HFS+ parser: vulnerable in versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier due to a missing buffer size check that can cause a heap buffer overflow. An unauthenticated, remote attacker could trigger arbitrary code execution with the ClamAV sc...

9.8CVSS9.6AI score0.29314EPSS
CVE
CVE
added 2022/03/15 8:26 p.m.114 views

CVE-2022-23989

The CVE-2022-23989 issue affects Stormshield Network Security (SNS) prior to specific fixed versions across 3.7.25, 3.11.13, 4.2.10, and 4.3.5. The vulnerability arises when a flood of connections to the SSLVPN service saturates the loopback interface, which can block almost all network traffic a...

7.5CVSS7.3AI score0.00894EPSS
CVE
CVE
added 2022/02/10 4:28 p.m.97 views

CVE-2021-31814

Stormshield Network Security is affected: Stormshield 1.1.0 and 2.1.0–2.9.0 allow an attacker to block VPN client access and disclose sensitive information via the SN VPN SSL Client. The Red Hat and NVD entries confirm the same description across multiple sources; PT-2022-10052 notes no public fi...

6.1CVSS6.1AI score0.00204EPSS
CVE
CVE
added 2020/10/06 1:40 p.m.86 views

CVE-2020-7465

The CVE-2020-7465 issue affects MPD (Music Player Daemon) prior to version 5.9. The L2TP implementation accepts crafted L2TP control packets carrying AVP Q.931 Cause Code, leading to memory corruption that can allow a remote attacker to execute arbitrary code or cause a denial of service. Affecte...

9.8CVSS9.7AI score0.02947EPSS
CVE
CVE
added 2022/02/10 4:19 p.m.86 views

CVE-2021-37613

Stormshield Network Security (SNS) versions 1.0.0–4.2.3 are affected by CVE-2021-37613, resulting in a Denial of Service. The issue is documented across multiple sources (NVD, Red Hat, PRION, CVE List, etc.) with CVSS v3.1 base score 6.5 (AV:A, AC:L, PR:N, UI:N, S:U, A:H) and CVSS v2 base score 2...

6.5CVSS6.4AI score0.00411EPSS
CVE
CVE
added 2022/01/31 3:16 p.m.80 views

CVE-2021-31617

CVE-2021-31617 affects Stormshield Network Security (SNS) ASQ. In multiple versions (1.0.0–2.7.8, 2.8.0–2.16.0, 3.0.0–3.7.20, 3.8.0–3.11.8, 4.0.1–4.2.2), memory management errors in ASQ can lead to remote code execution. The vulnerability is described as a buffer/memory handling issue in ASQ with...

9.8CVSS9.7AI score0.02089EPSS
CVE
CVE
added 2020/10/06 1:43 p.m.74 views

CVE-2020-7466

The issue is in the MPD PPP implementation prior to version 5.9. A remote attacker who can send specifically crafted PPP authentication messages can trigger a read beyond the allocated memory buffer, leading to a denial of service. Affected component: MPD (Music Player Daemon) PPP handling. Root ...

7.5CVSS7.5AI score0.01977EPSS
CVE
CVE
added 2020/04/13 3:8 p.m.74 views

CVE-2020-8430

The CVE-2020-8430 entry concerns Stormshield Network Security model 310 with version 3.7.10 and an Open Redirect vulnerability in the captive portal due to the auth/lang.html?rurl parameter. The issue allows an attacker to redirect users by supplying a crafted rurl value (e.g., rurl=//example.com...

6.1CVSS6.3AI score0.00915EPSS
Web
CVE
CVE
added 2022/02/10 4:13 p.m.71 views

CVE-2021-3398

CVE-2021-3398: Stormshield Network Security (SNS) 3.x is affected by an integer overflow in the high-availability component. The combined set of connected documents confirms the vulnerable element is within SNS 3.x’s high-availability functionality, caused by an integer-overflow condition. Exploi...

5.8CVSS5.7AI score0.00924EPSS
CVE
CVE
added 2023/08/28 12:0 a.m.71 views

CVE-2023-26095

CVE-2023-26095 affects Stormshield Network Security (SNS): ASQ in SNS versions 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 crashes when processing a crafted SIP packet. Root cause not detailed in the provided documents. Remediation: upgrade to SNS 4.3.16 or 4.6.3 (as applicable). Exploit informat...

7.5CVSS7.4AI score0.00611EPSS
CVE
CVE
added 2019/07/04 1:16 p.m.70 views

CVE-2018-20850

Stormshield Network Security versions 2.0.0–2.13.0 and 3.0.0–3.7.1 contain a self‑XSS vulnerability in the SNS web server's command‑line interface. The issue stems from a lack of proper validation in the web application, enabling local attackers to trigger client‑side script execution. No remedia...

8.2CVSS8.2AI score0.00386EPSS
CVE
CVE
added 2022/05/12 2:49 p.m.70 views

CVE-2022-30279

CVE-2022-30279 affects Stormshield Network Security (SNS) 4.3.x up to 4.3.8. The issue is in the ASQ sofbus lacbus plugin event logging, where a NULL pointer is dereferenced, causing an SNS firmware crash. An attacker could exploit this via forged sofbus lacbus traffic to trigger the crash. The p...

7.5CVSS7.3AI score0.00921EPSS
CVE
CVE
added 2022/08/24 12:0 a.m.68 views

CVE-2022-27812

CVE-2022-27812 affects Stormshield Network Security (SNS) firewall. Across multiple versions (3.7.0–3.7.29, 3.11.0–3.11.17, 4.2.0–4.2.10, 4.3.0–4.3.6), sending specific forged UDP/ICMP traffic can lead to a Denial of Service by driving the firewall to high load or crash. The available connected d...

7.5CVSS7.5AI score0.00662EPSS
CVE
CVE
added 2022/01/31 1:50 p.m.66 views

CVE-2021-28962

The CVE-2021-28962 entry applies to Stormshield Network Security (SNS) prior to version 4.2.2. A command-injection vulnerability exists that lets a read-only administrator gain elevated privileges by issuing crafted CLI input. Affected product/versions: SNS before 4.2.2. Impact: attackers with re...

7.2CVSS7.1AI score0.01161EPSS
CVE
CVE
added 2021/07/01 2:1 p.m.63 views

CVE-2021-28127

CVE-2021-28127 affects Stormshield SNS up to version 4.2.1, where a brute-force attack can occur. The connected sources reiterate the same issue against Stormshield SNS 4.2.1, but do not provide a detailed root cause, affected module, or a concrete remediation within the supplied documents. The C...

7.5CVSS7.5AI score0.00944EPSS
CVE
CVE
added 2021/03/19 2:28 p.m.61 views

CVE-2021-27506

The CVE-2021-27506 issue affects the ClamAV Engine (version 0.103.1 and below) embedded in Stormshield SNS (and Netasq lineage). The root cause is DoS upon parsing malformed PNG files, causing the ClamAV service to crash. Impacted products/versions are Netasq 9.1.0–9.1.11 and Stormshield SNS 1.0....

5.5CVSS5.4AI score0.01312EPSS
CVE
CVE
added 2023/12/20 12:0 a.m.57 views

CVE-2023-47093

Stormshield Network Security (SNS) is affected across versions 4.0.0–4.3.21, 4.4.0–4.6.8, and 4.7.0. A crafted ICMP packet may cause the ASQ engine to crash. The public descriptions do not disclose the underlying root cause or a patch version. Practical guidance from the connected PT-2023-30301 e...

6.5CVSS6.3AI score0.00287EPSS
CVE
CVE
added 2023/08/25 12:0 a.m.56 views

CVE-2020-11711

Stormshield SNS 3.8.0 is affected by an authenticated Stored XSS in the admin login panel. A malicious disclaimer file can be uploaded via the admin panel and rendered on the authentication interface, enabling injection of HTML/JavaScript to execute in a victim’s browser. This can lead to credent...

4.8CVSS4.9AI score0.00399EPSS
CVE
CVE
added 2022/01/27 2:0 p.m.53 views

CVE-2021-28096

Stormshield SNS prior to 4.2.3 (in proxy mode) is affected by CVE-2021-28096. An attacker can saturate the proxy connection table, resulting in the proxy denying any new connections. The description specifies the vulnerability as an overload of the proxy connection table but does not provide conc...

5.3CVSS5.3AI score0.00889EPSS
CVE
CVE
added 2023/12/25 12:0 a.m.47 views

CVE-2023-41165

Affected product: Stormshield Network Security (SNS). Vulnerable versions include 3.7.0–3.7.38 (fixed by 3.7.39+), 3.10.0–3.11.26 (fixed by 3.11.27+), 4.0–4.3.21 (fixed by 4.3.22+), and 4.4.0–4.6.8 (fixed by 4.6.9+). Issue: an administrator with write access to the SNS firewall can configure a lo...

4.8CVSS6.7AI score0.00412EPSS
CVE
CVE
added 2021/03/02 5:8 p.m.45 views

CVE-2021-3384

Stormshield Network Security is affected by CVE-2021-3384, a vulnerability in ARP/NDP table management that can temporarily prevent contacting new hosts over IPv4/IPv6. Impacted versions include 2.0.0–2.7.7, 2.8.0–2.16.0, 3.0.0–3.7.16, 3.8.0–3.11.4, and 4.0.0–4.1.5. Fixed in 2.7.8, 3.7.17, 3.11.5...

5.3CVSS5.2AI score0.01016EPSS
CVE
CVE
added 2023/12/25 12:0 a.m.45 views

CVE-2023-47091

CVE-2023-47091 affects Stormshield Network Security (SNS). The issue allows an attacker to overflow the cookie threshold, breaking IPsec connections. Affected versions are SNS 4.3.13–4.3.22 (fixed in 4.3.23), SNS 4.6.0–4.6.9 (fixed in 4.6.10), and SNS 4.7.0–4.7.1 (fixed in 4.7.2). Connected docum...

7.5CVSS7.6AI score0.00531EPSS
CVE
CVE
added 2021/05/06 7:26 p.m.43 views

CVE-2021-28665

CVE-2021-28665 affects Stormshield SNS (Stormshield Network Security) prior to versions 3.7.18, 3.11.6 and 4.1.6. The vulnerability is a memory-management defect in the SNMP plugin that can cause excessive memory and CPU consumption, potentially leading to a denial of service. Public documentatio...

7.5CVSS7.4AI score0.0099EPSS
CVE
CVE
added 2023/12/26 12:0 a.m.43 views

CVE-2023-28616

Stormshield Network Security (SNS) is affected by CVE-2023-28616 in versions before 4.3.17, 4.4.x–4.6.x before 4.6.4, and 4.7.x before 4.7.1. The issue concerns user passwords containing an equals sign or space character; the serverd process logs such passwords in cleartext and may forward these ...

7.5CVSS7.6AI score0.00295EPSS
CVE
CVE
added 2023/12/20 12:0 a.m.36 views

CVE-2023-41166

Stormshield Network Security (SNS) is affected across multiple releases (3.7.0–3.7.39, 3.11.0–3.11.27, 4.3.0–4.3.22, 4.6.0–4.6.9, 4.7.0–4.7.1). The issue allows an attacker to determine whether a specific user account exists on the SNS firewall by issuing remote access commands. The impact is inf...

5.3CVSS5.3AI score0.004EPSS
CVE
CVE
added 2023/12/25 12:0 a.m.24 views

CVE-2023-34198

In Stormshield Network Security (SNS), versions 1.0.0–3.7.36, 3.8.0–3.11.24, 4.0.0–4.3.18, 4.4.0–4.6.5, and 4.7.0 are affected by CVE-2023-34198. The issue arises when a Network object is created from an inactive DHCP interface in the filtering slot, causing the system to use an object of the :an...

7.3CVSS6.8AI score0.00513EPSS
CVE
CVE
added 2025/09/25 12:0 a.m.15 views

CVE-2025-48707

CVE-2025-48707 affects Stormshield Network Security (SNS) prior to 5.0.1. In some HA configurations, TPM authentication information could be shared among administrators, potentially enabling secret sharing and reducing isolation of admin credentials. Public sources in the connected documents cons...

7.5CVSS6.6AI score0.00323EPSS