Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssl vpn vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2009-2119
Cross-site scripting (XSS) vulnerability in the login interface (my.logon.php3) in F5 FirePass SSL VPN 5.5 up to and including 5.5.2 and 6.0 up to and including 6.0.3 allows remote malicious users to inject arbitrary web script or HTML via a base64-encoded xcho parameter.
F5 Firepass Ssl Vpn 5.5.2
F5 Firepass Ssl Vpn 6.0.2
F5 Firepass Ssl Vpn 6.0.3
F5 Firepass Ssl Vpn 5.5
F5 Firepass Ssl Vpn 5.5.1
F5 Firepass Ssl Vpn 6.0
F5 Firepass Ssl Vpn 6.0.1
755
VMScore
CVE-2005-4197
tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote malicious users to execute arbitrary commands via a link in the a parameter, which is executed with extra privileges in a cryptographically signed Java Applet.
Nortel Ssl Vpn 4.1.2.11
Nortel Ssl Vpn 4.1.2.12
Nortel Ssl Vpn
1 EDB exploit
440
VMScore
CVE-2012-4739
Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN prior to 2.2.2.203 (2012-07-05) allow remote malicious users to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories....
Barracudanetworks Barracuda Ssl Vpn 1.5.0.29
Barracudanetworks Barracuda Ssl Vpn 1.2.6.004
Barracudanetworks Barracuda Ssl Vpn
2 EDB exploits
435
VMScore
CVE-2008-2030
Cross-site scripting (XSS) vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote malicious users to inject arbitrary web script or HTML via the query string. NOTE: the provenance of this information is unknown; the details are obta...
F5 Firepass Ssl Vpn 6.2
F5 Firepass 4100
F5 Firepass Ssl Vpn 5.4.2
F5 Firepass Ssl Vpn 5.5.2
F5 Firepass Ssl Vpn 6.0
1 EDB exploit
481
VMScore
CVE-2006-5179
Intoto iGateway VPN and iGateway SSL-VPN allow context-dependent malicious users to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra t...
Intoto Igateway Ssl-vpn
Intoto Igateway Vpn
1000
VMScore
CVE-2007-5815
Absolute path traversal vulnerability in the WebCacheCleaner ActiveX control 1.3.0.3 in SonicWall SSL-VPN 200 prior to 2.1, and SSL-VPN 2000/4000 prior to 2.5, allows remote malicious users to delete arbitrary files via a full pathname in the argument to the FileDelete method.
Sonicwall Ssl Vpn2000\\/4000
Sonicwall Ssl Vpn 200
1 EDB exploit
385
VMScore
CVE-2022-35416
H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS.
H3c Ssl Vpn
7 Github repositories
828
VMScore
CVE-2007-5814
Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control prior to 2.1.0.51, and 2.5.x prior to 2.5.0.56, allow remote malicious users to execute arbitrary code via a long (1) serverAddress, (2) sessionId, (3) clientIPLower, (4) clientIPHigher, (...
Sonicwall Ssl Vpn
940
VMScore
CVE-2007-5603
Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control prior to 2.1.0.51, and 2.5.x prior to 2.5.0.56, allows remote malicious users to execute arbitrary code via a long string in the second argument to the AddRouteEntry method.
Sonicwall Ssl Vpn
2 EDB exploits
NA
CVE-2023-5748
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client prior to 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors.
Synology Ssl Vpn Client
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »