Search
Search Results (8 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-40604 | 1 Sonicwall | 11 Email Security, Email Security Appliance 5000, Email Security Appliance 5000 Firmware and 8 more | 2025-12-12 | 6.5 Medium |
| Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore access to modify system files and gain persistent arbitrary code execution. | ||||
| CVE-2025-40605 | 1 Sonicwall | 11 Email Security, Email Security Appliance 5000, Email Security Appliance 5000 Firmware and 8 more | 2025-12-12 | 5.3 Medium |
| A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path. | ||||
| CVE-2021-20023 | 2 Microsoft, Sonicwall | 20 Windows, Email Security, Email Security Appliance 3300 and 17 more | 2025-11-12 | 4.9 Medium |
| SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host. | ||||
| CVE-2021-20022 | 2 Microsoft, Sonicwall | 20 Windows, Email Security, Email Security Appliance 3300 and 17 more | 2025-11-10 | 7.2 High |
| SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host. | ||||
| CVE-2021-20021 | 2 Microsoft, Sonicwall | 20 Windows, Email Security, Email Security Appliance 3300 and 17 more | 2025-11-10 | 9.8 Critical |
| A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. | ||||
| CVE-2014-2879 | 1 Sonicwall | 1 Email Security Appliance | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Dell SonicWALL Email Security 7.4.5 and earlier allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the uploadPatch parameter to the System/Advanced page (settings_advanced.html) or (2) the uploadLicenses parameter in the License management (settings_upload_dlicense.html) page. | ||||
| CVE-2019-7489 | 1 Sonicwall | 1 Email Security Appliance | 2024-11-21 | 9.8 Critical |
| A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. | ||||
| CVE-2019-7488 | 1 Sonicwall | 1 Email Security Appliance | 2024-11-21 | 9.8 Critical |
| Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. | ||||
Page 1 of 1.