
CVE-2022-37434 – zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field
https://notcve.org/view.php?id=CVE-2022-37434
05 Aug 2022 — zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). • https://github.com/xen0bit/CVE-2022-37434_poc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-787: Out-of-bounds Write •

CVE-2021-31814
https://notcve.org/view.php?id=CVE-2021-31814
10 Feb 2022 — In Stormshield 1.1.0, and 2.1.0 through 2.9.0, an attacker can block a client from accessing the VPN and can obtain sensitive information through the SN VPN SSL Client. • https://advisories.stormshield.eu • CWE-306: Missing Authentication for Critical Function •

CVE-2021-37613
https://notcve.org/view.php?id=CVE-2021-37613
10 Feb 2022 — Stormshield Network Security (SNS) 1.0.0 through 4.2.3 allows a Denial of Service. • https://advisories.stormshield.eu •

CVE-2021-3398
https://notcve.org/view.php?id=CVE-2021-3398
10 Feb 2022 — Stormshield Network Security (SNS) 3.x has an Integer Overflow in the high-availability component. • https://advisories.stormshield.eu/2021-001 • CWE-190: Integer Overflow or Wraparound •

CVE-2021-28096
https://notcve.org/view.php?id=CVE-2021-28096
27 Jan 2022 — An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections. • https://advisories.stormshield.eu/2021-005 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2002-20001
https://notcve.org/view.php?id=CVE-2002-20001
11 Nov 2021 — The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it c... • https://github.com/c0r0n3r/dheater • CWE-400: Uncontrolled Resource Consumption •

CVE-2021-28127
https://notcve.org/view.php?id=CVE-2021-28127
01 Jul 2021 — An issue was discovered in Stormshield SNS through 4.2.1. A brute-force attack can occur. • https://advisories.stormshield.eu • CWE-307: Improper Restriction of Excessive Authentication Attempts •

CVE-2020-7466
https://notcve.org/view.php?id=CVE-2020-7466
06 Oct 2020 — The PPP implementation of MPD before 5.9 allows a remote attacker who can send a specifically crafted PPP authentication message to cause the daemon to read beyond the allocated memory buffer, which would result in a denial of service condition. • https://sourceforge.net/p/mpd/bugs/69 • CWE-125: Out-of-bounds Read •

CVE-2020-7465
https://notcve.org/view.php?id=CVE-2020-7465
06 Oct 2020 — The L2TP implementation of MPD before 5.9 allows a remote attacker who can send a specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption). • https://sourceforge.net/p/mpd/bugs/70 • CWE-787: Out-of-bounds Write •

CVE-2020-8430
https://notcve.org/view.php?id=CVE-2020-8430
13 Apr 2020 — Stormshield Network Security 310 3.7.10 devices have an auth/lang.html?rurl= Open Redirect vulnerability on the captive portal. For example, the attacker can use rurl=//example.com instead of rurl=https://example.com in the query string. • https://advisories.stormshield.eu/2020-001 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •