cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-22398,https://securityvulnerability.io/vulnerability/CVE-2024-22398,Path Traversal Vulnerability Could Lead to File Deletion,An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in SonicWall Email Security Appliance could allow a remote attacker with administrative privileges to conduct a directory traversal attack and delete arbitrary files from the appliance file system.,Sonicwall,Email Security,,,0.0004400000034365803,false,false,false,false,,false,false,2024-03-14T03:29:03.884Z,0
CVE-2023-0655,https://securityvulnerability.io/vulnerability/CVE-2023-0655,,SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive information about users email addresses.,SonicWall,SonicWall Email Security,5.3,MEDIUM,0.0009899999713525176,false,false,false,false,,false,false,2023-02-14T03:15:00.000Z,0
CVE-2022-2324,https://securityvulnerability.io/vulnerability/CVE-2022-2324,,Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions,Sonicwall,Sonicwall Email Security,7.5,HIGH,0.0007200000109151006,false,false,false,false,,false,false,2022-07-29T21:05:26.000Z,0
CVE-2021-20025,https://securityvulnerability.io/vulnerability/CVE-2021-20025,,SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup. An attacker could exploit this transitional/temporary user account from the trusted domain to access the Virtual Appliance remotely only when the device is freshly installed and not connected to Mysonicwall.,Sonicwall,Email Security Virtual Appliance,7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2021-05-13T14:45:12.000Z,0
CVE-2021-20023,https://securityvulnerability.io/vulnerability/CVE-2021-20023,,SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.,Sonicwall,Email Security,4.9,MEDIUM,0.9333199858665466,true,false,true,true,,false,false,2021-04-20T11:55:13.000Z,0
CVE-2021-20022,https://securityvulnerability.io/vulnerability/CVE-2021-20022,,SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.,Sonicwall,Email Security,7.2,HIGH,0.003329999977722764,true,false,true,true,,false,false,2021-04-09T17:50:15.000Z,0
CVE-2021-20021,https://securityvulnerability.io/vulnerability/CVE-2021-20021,,A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.,Sonicwall,Email Security,9.8,CRITICAL,0.006839999929070473,true,false,true,true,true,false,false,2021-04-09T17:50:14.000Z,0
CVE-2019-7489,https://securityvulnerability.io/vulnerability/CVE-2019-7489,,A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnerability affected Email Security Appliance version 10.0.2 and earlier.,Sonicwall,Email Security Appliance,9.8,CRITICAL,0.007269999943673611,false,false,false,true,true,false,false,2019-12-23T21:50:12.000Z,0
CVE-2019-7488,https://securityvulnerability.io/vulnerability/CVE-2019-7488,,Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier.,Sonicwall,Email Security Appliance,9.8,CRITICAL,0.002219999907538295,false,false,false,false,,false,false,2019-12-23T21:50:12.000Z,0
CVE-2014-2879,https://securityvulnerability.io/vulnerability/CVE-2014-2879,,Multiple cross-site scripting (XSS) vulnerabilities in Dell SonicWALL Email Security 7.4.5 and earlier allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the uploadPatch parameter to the System/Advanced page (settings_advanced.html) or (2) the uploadLicenses parameter in the License management (settings_upload_dlicense.html) page.,Sonicwall,Email Security Appliance,,,0.0028899998869746923,false,false,false,false,,false,false,2014-04-17T14:00:00.000Z,0