Known Vulnerabilities for products from Stormshield
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Stormshield".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-47091 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-12-25 | 2024-01-04 |
| CVE-2023-35800 json | Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent... | 4.3 - MEDIUM | 2023-06-27 | 2023-07-05 |
| CVE-2023-35799 json | Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evo... | 5.5 - MEDIUM | 2023-06-27 | 2023-07-05 |
| CVE-2023-28616 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-12-26 | 2024-01-04 |
| CVE-2023-26095 json | ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted... | 7.5 - HIGH | 2023-08-28 | 2023-08-31 |
| CVE-2023-23562 json | Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control that allows an authenticated user can update g... | 4.3 - MEDIUM | 2023-05-31 | 2023-06-07 |
| CVE-2023-23561 json | Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated users can read sensitive inform... | 5.5 - MEDIUM | 2023-05-30 | 2023-06-06 |
| CVE-2023-20052 json | On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG fi... | 5.3 - MEDIUM | 2023-03-01 | 2024-01-25 |
| CVE-2023-20032 json | On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ p... | 9.8 - CRITICAL | 2023-03-01 | 2024-01-25 |
| CVE-2023-0401 json | A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the... | 7.5 - HIGH | 2023-02-08 | 2024-02-04 |
| CVE-2023-0286 json | There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses wer... | 7.4 - HIGH | 2023-02-08 | 2024-02-04 |
| CVE-2023-0216 json | An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_P... | 7.5 - HIGH | 2023-02-08 | 2024-02-04 |
| CVE-2023-0215 json | The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used inter... | 7.5 - HIGH | 2023-02-08 | 2024-02-04 |
| CVE-2022-46783 json | An issue was discovered in Stormshield SSL VPN Client before 3.2.0. If multiple address books are used, an attacker may be ab... | 5.3 - MEDIUM | 2023-08-28 | 2023-09-01 |
| CVE-2022-46782 json | An issue was discovered in Stormshield SSL VPN Client before 3.2.0. A logged-in user, able to only launch the VPNSSL Client, ... | 7.8 - HIGH | 2023-08-05 | 2023-08-09 |
| CVE-2022-40617 json | strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted en... | 7.5 - HIGH | 2022-10-31 | 2023-11-07 |
| CVE-2022-37434 json | zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extr... | 9.8 - CRITICAL | 2022-08-05 | 2023-07-19 |
| CVE-2022-32215 json | The llhttp parser | 6.5 - MEDIUM
|
2022-07-14
|
2023-11-07
|
|
| CVE-2022-32214 json | The llhttp parser | 6.5 - MEDIUM
|
2022-07-14
|
2023-07-19
|
|
| CVE-2022-32213 json | The llhttp parser | 6.5 - MEDIUM
|
2022-07-14
|
2023-11-07
|
|
Known software with vulnerabilities from Stormshield
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Stormshield | Stormshield Network Security | 2.0.0 |