Computer vulnerabilities of Airbus Stormshield Network Security

Stormshield Network Security: three vulnerabilities
An attacker can use several vulnerabilities of Stormshield Network Security...
CERTFR-2020-AVI-206, STORM-2020-002, STORM-2020-005, STORM-2020-010, VIGILANCE-VUL-32013

Stormshield Network Security: four vulnerabilities of SMC
An attacker can use several vulnerabilities of Stormshield Network Security...
CERTFR-2020-AVI-177, STORM-2020-006, STORM-2020-007, STORM-2020-008, STORM-2020-009, VIGILANCE-VUL-31904

Stormshield Network Security: open redirect via Captive Portal
An attacker can deceive the user via Captive Portal of Stormshield Network Security, in order to redirect him to a malicious site...
CERTFR-2020-AVI-108, CVE-2020-8430, STORM-2020-001, VIGILANCE-VUL-31634

OpenSSL: information disclosure via PKCS7/CMS Padding Oracle
An attacker can bypass access restrictions to data via PKCS7/CMS Padding Oracle of OpenSSL, in order to obtain sensitive information...
1137844, 1172266, 1172278, 3456663, 5695611, 5695629, 5695653, 5695851, 6199286, 6201879, CERTFR-2019-AVI-444, cpuapr2020, cpuoct2019, CVE-2019-1563, DLA-1932-1, DSA-2019-201, DSA-2020-062, DSA-4539-1, DSA-4539-2, DSA-4539-3, DSA-4540-1, NTAP-20190919-0002, openSUSE-SU-2019:2158-1, openSUSE-SU-2019:2189-1, openSUSE-SU-2019:2268-1, openSUSE-SU-2019:2269-1, RHSA-2020:1840-01, SSA:2019-254-03, STORM-2019-018, SUSE-SU-2019:14171-1, SUSE-SU-2019:14174-1, SUSE-SU-2019:2397-1, SUSE-SU-2019:2403-1, SUSE-SU-2019:2410-1, SUSE-SU-2019:2413-1, SUSE-SU-2019:2504-1, SUSE-SU-2019:2558-1, SUSE-SU-2019:2561-1, SUSE-SU-2020:0099-1, USN-4376-1, VIGILANCE-VUL-30293

Stormshield Network Security, Netasq: Cross Site Scripting via Certificate-based Authentication
An attacker can trigger a Cross Site Scripting via Certificate-based Authentication of Stormshield Network Security or Netasq, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-426, STORM-2019-014, VIGILANCE-VUL-30263, VU#672565

Stormshield Network Security, Netasq: Cross Site Request Forgery via Webadmin
An attacker can trigger a Cross Site Request Forgery via Webadmin of Stormshield Network Security or Netasq, in order to force the victim to perform operations...
STORM-2019-012, VIGILANCE-VUL-30262

Stormshield Network Security: Cross Site Scripting via Update Service
An attacker can trigger a Cross Site Scripting via Update Service of Stormshield Network Security, in order to run JavaScript code in the context of the web site...
STORM-2019-016, VIGILANCE-VUL-30261

FreeBSD: denial of service via IPv6 Fragmentation m_pulldown
An attacker can trigger a fatal error via IPv6 Fragmentation m_pulldown() of FreeBSD, in order to trigger a denial of service...
CVE-2019-5611, FreeBSD-SA-19:22.mbuf, VIGILANCE-VUL-30095

Intel 64-bit CPU: information disclosure via SWAPGS
A local attacker can read a memory fragment via SWAPGS of Intel 64-bit CPU, in order to obtain sensitive information...
1103505, CERTFR-2019-AVI-375, CERTFR-2019-AVI-376, CERTFR-2019-AVI-381, CERTFR-2019-AVI-390, CERTFR-2019-AVI-391, CERTFR-2019-AVI-392, CERTFR-2019-AVI-417, CERTFR-2019-AVI-418, CERTFR-2019-AVI-428, CERTFR-2019-AVI-440, CERTFR-2019-AVI-458, CERTFR-2019-AVI-467, CERTFR-2019-AVI-486, CVE-2019-1125, DLA-1884-1, DLA-1885-1, DSA-4495-1, DSA-4497-1, FEDORA-2019-6bda4c81f4, FEDORA-2019-e37c348348, JSA10993, K31085564, openSUSE-SU-2019:1923-1, openSUSE-SU-2019:1924-1, RHSA-2019:2405-01, RHSA-2019:2411-01, RHSA-2019:2473-01, RHSA-2019:2476-01, RHSA-2019:2600-01, RHSA-2019:2609-01, RHSA-2019:2695-01, RHSA-2019:2696-01, RHSA-2019:2730-01, RHSA-2019:2899-01, RHSA-2019:2900-01, RHSA-2019:2975-01, RHSA-2019:3220-01, SB10297, SSA:2019-226-01, SSB-439005, STORM-2019-007, SUSE-SU-2019:14157-1, SUSE-SU-2019:2068-1, SUSE-SU-2019:2069-1, SUSE-SU-2019:2070-1, SUSE-SU-2019:2071-1, SUSE-SU-2019:2072-1, SUSE-SU-2019:2073-1, SUSE-SU-2019:2262-1, SUSE-SU-2019:2263-1, SUSE-SU-2019:2299-1, SUSE-SU-2019:2430-1, SUSE-SU-2019:2450-1, SWAPGS, Synology-SA-19:32, USN-4093-1, USN-4094-1, USN-4095-1, USN-4095-2, USN-4096-1, VIGILANCE-VUL-29962

ClamAV: infinite loop via Better Zip Bomb Overlapping
An attacker can trigger an infinite loop via Zip Bomb of ClamAV, in order to trigger a denial of service (same origin than VIGILANCE-VUL-29701)...
12356, CVE-2019-13232, STORM-2019-009, VIGILANCE-VUL-29947

Our database contains other pages. You can request a free trial to read them.

Display information about Airbus Stormshield Network Security:

https://www.stormshield.com/products-services/services/training/sns/