Search Results (27 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-33909 7 Debian, Fedoraproject, Linux and 4 more 16 Debian Linux, Fedora, Linux Kernel and 13 more 2024-11-21 7.8 High
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
CVE-2021-20050 1 Sonicwall 12 Sma100, Sma200, Sma210 and 9 more 2024-11-21 7.5 High
An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data.
CVE-2021-20049 1 Sonicwall 12 Sma100, Sma200, Sma210 and 9 more 2024-11-21 7.5 High
A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker to perform SMA100 username enumeration based on the server responses. This vulnerability impacts 10.2.1.2-24sv, 10.2.0.8-37sv and earlier 10.x versions.
CVE-2021-20018 1 Sonicwall 2 Sma100, Sma100 Firmware 2024-11-21 4.9 Medium
A post-authenticated vulnerability in SonicWall SMA100 allows an attacker to export the configuration file to the specified email address. This vulnerability impacts SMA100 version 10.2.0.5 and earlier.
CVE-2021-20017 1 Sonicwall 2 Sma100, Sma100 Firmware 2024-11-21 8.8 High
A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated attacker to execute OS commands as a 'nobody' user. This vulnerability impacts SMA100 version 10.2.0.5 and earlier.
CVE-2020-5132 1 Sonicwall 3 Sma100, Sma100 Firmware, Sonicos 2024-11-21 5.3 Medium
SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of this vulnerability.
CVE-2020-5129 1 Sonicwall 2 Sma1000, Sma1000 Firmware 2024-11-21 7.5 High
A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. This vulnerability affected SMA1000 Version 12.1.0-06411 and earlier.