Filtered by vendor Sonicwall Subscriptions
Filtered by product Sma1000 Firmware Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-0126 1 Sonicwall 2 Sma1000, Sma1000 Firmware 2024-11-21 7.5 High
Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory.
CVE-2022-0847 7 Fedoraproject, Linux, Netapp and 4 more 42 Fedora, Linux Kernel, H300e and 39 more 2024-11-21 7.8 High
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.
CVE-2021-33909 7 Debian, Fedoraproject, Linux and 4 more 16 Debian Linux, Fedora, Linux Kernel and 13 more 2024-11-21 7.8 High
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
CVE-2020-5129 1 Sonicwall 2 Sma1000, Sma1000 Firmware 2024-11-21 7.5 High
A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. This vulnerability affected SMA1000 Version 12.1.0-06411 and earlier.
CVE-2024-45317 1 Sonicwall 1 Sma1000 Firmware 2024-10-15 N/A
A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3-02676 and earlier allows a remote, unauthenticated attacker to cause the SMA1000 server-side application to make requests to an unintended IP address.