Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tunnelblick vulnerabilities and exploits
(subscribe to this query)
107
VMScore
CVE-2012-4676
The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and previous versions allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability than CVE-2012-3485.
Google Tunnelblick
630
VMScore
CVE-2012-3483
Race condition in the runScript function in Tunnelblick 3.3beta20 and previous versions allows local users to gain privileges by replacing a script file.
Google Tunnelblick
2 EDB exploits
392
VMScore
CVE-2012-4677
Tunnelblick 3.3beta20 and previous versions allows local users to gain privileges by using a crafted Info.plist file to control the gOkIfNotSecure value.
Google Tunnelblick
641
VMScore
CVE-2012-3484
Tunnelblick 3.3beta20 and previous versions relies on a test for specific ownership and permissions to determine whether a program can be safely executed, which allows local users to bypass intended access restrictions and gain privileges via a (1) user-mountable image or (2) net...
Google Tunnelblick
730
VMScore
CVE-2012-3485
Tunnelblick 3.3beta20 and previous versions relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via an execl system call.
Google Tunnelblick
2 EDB exploits
614
VMScore
CVE-2012-3486
Tunnelblick 3.3beta20 and previous versions allows local users to gain privileges via an OpenVPN configuration file that specifies execution of a script upon occurrence of an OpenVPN event.
Google Tunnelblick
107
VMScore
CVE-2012-3487
Race condition in Tunnelblick 3.3beta20 and previous versions allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process.
Google Tunnelblick
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started