Firewall

This hub aggregates every CVE we track for Firewall, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Firewall.

• CVE-2024-10542Spam protection, Anti-Spam, FireWall by CleanTalk <= 6.43.2 - Authorization Bypass via Reverse DNS Spoofing to Unauthenticated Arbitrary Plugin Installation9.8Nov 26, 2024
• CVE-2024-10781Spam protection, Anti-Spam, FireWall by CleanTalk <= 6.44 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Arbitrary Plugin Installation8.1Nov 26, 2024
• CVE-2024-7249Comodo Firewall Link Following Local Privilege Escalation Vulnerability7.8Jul 29, 2024
• CVE-2023-42552Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamp...4.4Nov 7, 2023
• CVE-2023-5552A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the p...7.1Oct 17, 2023
• CVE-2022-40630Improper Session Management Vulnerability in Tacitine Firewall6.5Sep 23, 2022
• CVE-2022-40629Sensitive Information Disclosure Vulnerability in Tacitine Firewall7.5Sep 23, 2022
• CVE-2022-40628Remote Code Execution Vulnerability in Tacitine Firewall9.8Sep 23, 2022
• CVE-2022-3236A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.KEV9.8Sep 23, 2022
• CVE-2022-1807Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1.7.2Sep 7, 2022
• CVE-2022-0675Puppet Firewall Module May Leave Unmanaged Rules5.6Mar 2, 2022
• CVE-2021-24295Time-based Blind SQL Injection in Spam protection, AntiSpam, FireWall by CleanTalk < 5.153.47.5May 17, 2021
• CVE-2019-14270Comodo Antivirus through 12.0.0.6870, Comodo Firewall through 12.0.0.6870, and Comodo Internet Security Premium through 12.0.0.6870, with the Comodo Container feature, are vulnerable to Sandbox Esc...7.1Jul 25, 2019
• CVE-2012-4923Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule pa...4.3Sep 15, 2012
• CVE-2010-0475Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the Palo Alto Networks firewall 3.0.x before 3.0.9 and 3.1.x before 3.1.1 allows remote attackers to inject arbitrary web script or H...4.3May 14, 2010