cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-22398,https://securityvulnerability.io/vulnerability/CVE-2024-22398,Path Traversal Vulnerability Could Lead to File Deletion,An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in SonicWall Email Security Appliance could allow a remote attacker with administrative privileges to conduct a directory traversal attack and delete arbitrary files from the appliance file system.,Sonicwall,Email Security,,,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-03-14T03:29:03.884Z,0
CVE-2023-0655,https://securityvulnerability.io/vulnerability/CVE-2023-0655,Remote Access Vulnerability in SonicWall Email Security,"SonicWall Email Security is susceptible to a vulnerability that allows a remote, unauthenticated attacker to gain access to an error page containing sensitive user information, including email addresses. This exposure could potentially lead to further exploitation and privacy breaches for affected users. It is crucial for organizations using this product to assess their security measures in light of this vulnerability.",SonicWall,SonicWall Email Security,5.3,MEDIUM,0.0009899999713525176,false,,false,false,false,,,false,false,,2023-02-14T03:15:00.000Z,0
CVE-2022-2324,https://securityvulnerability.io/vulnerability/CVE-2022-2324,Improperly Implemented Security Check in SonicWall Hosted Email Security,"A vulnerability in SonicWall Hosted Email Security allows for the bypass of the Capture ATP security service due to improperly implemented security checks. This impacts version 10.0.17.7319 and prior, posing risks to email security and data protection. To mitigate these risks, users are advised to update to a secure version as soon as possible.",Sonicwall,Sonicwall Email Security,7.5,HIGH,0.0007200000109151006,false,,false,false,false,,,false,false,,2022-07-29T21:05:26.000Z,0
CVE-2021-20025,https://securityvulnerability.io/vulnerability/CVE-2021-20025,,SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup. An attacker could exploit this transitional/temporary user account from the trusted domain to access the Virtual Appliance remotely only when the device is freshly installed and not connected to Mysonicwall.,Sonicwall,Email Security Virtual Appliance,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-05-13T14:45:12.000Z,0
CVE-2021-20023,https://securityvulnerability.io/vulnerability/CVE-2021-20023,,SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.,Sonicwall,Email Security,4.9,MEDIUM,0.9333199858665466,true,2021-11-03T00:00:00.000Z,false,true,true,2021-11-03T00:00:00.000Z,,false,false,,2021-04-20T11:55:13.000Z,0
CVE-2021-20022,https://securityvulnerability.io/vulnerability/CVE-2021-20022,,SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.,Sonicwall,Email Security,7.2,HIGH,0.003329999977722764,true,2021-11-03T00:00:00.000Z,false,true,true,2021-11-03T00:00:00.000Z,,false,false,,2021-04-09T17:50:15.000Z,0
CVE-2021-20021,https://securityvulnerability.io/vulnerability/CVE-2021-20021,,A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.,Sonicwall,Email Security,9.8,CRITICAL,0.006839999929070473,true,2021-11-03T00:00:00.000Z,false,true,true,2021-11-03T00:00:00.000Z,true,false,false,,2021-04-09T17:50:14.000Z,0
CVE-2019-7488,https://securityvulnerability.io/vulnerability/CVE-2019-7488,,Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier.,Sonicwall,Email Security Appliance,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2019-12-23T21:50:12.000Z,0
CVE-2019-7489,https://securityvulnerability.io/vulnerability/CVE-2019-7489,,A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnerability affected Email Security Appliance version 10.0.2 and earlier.,Sonicwall,Email Security Appliance,9.8,CRITICAL,0.007269999943673611,false,,false,false,true,2021-04-21T13:02:03.000Z,true,false,false,,2019-12-23T21:50:12.000Z,0
CVE-2014-2879,https://securityvulnerability.io/vulnerability/CVE-2014-2879,,Multiple cross-site scripting (XSS) vulnerabilities in Dell SonicWALL Email Security 7.4.5 and earlier allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the uploadPatch parameter to the System/Advanced page (settings_advanced.html) or (2) the uploadLicenses parameter in the License management (settings_upload_dlicense.html) page.,Sonicwall,Email Security Appliance,,,0.0028899998869746923,false,,false,false,false,,,false,false,,2014-04-17T14:00:00.000Z,0