Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openvpn openvpn vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-1305
OpenVPN Security fixes: Windows TAP driver: Fix potential integer overflow in !TapSharedSendPacket.
NA
CVE-2024-27459
OpenVPN Security fixes: windows: fix a possible stack overflow in the interactive service component which might lead to a local privilege escalation.
NA
CVE-2024-27903
OpenVPN Security fixes: Windows: disallow loading of plugins from untrusted installation paths, which could be used to attack openvpn.exe via a malicious plugin. Plugins can now only be loaded from the OpenVPN install directory, the Windows system directory, and possibly from a d...
NA
CVE-2023-6247
The PKCS#7 parser in OpenVPN 3 Core Library versions up to and including 3.8.3 did not properly validate the parsed data, which would result in the application crashing.
NA
CVE-2023-7235
The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions to the installation directory of OpenVPN binaries when using a non-standard installation path, which allows an malicious user to replace binaries to run arbitrary executables.
NA
CVE-2023-7245
The nodejs framework in OpenVPN Connect 3.0 up to and including 3.4.3 (Windows)/3.4.7 (macOS) was not properly configured, which allows a local user to execute arbitrary code within the nodejs process context via the ELECTRON_RUN_AS_NODE environment variable
NA
CVE-2014-7196
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-7169. Reason: This candidate is a duplicate of CVE-2014-7169. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2014-7169 instead of this candidate. All references and descripti...
15 EDB exploits
NA
CVE-2014-62771
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6271. Reason: This candidate is a duplicate of CVE-2014-6271. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2014-6271 instead of this candidate. All references and descripti...
14 EDB exploits
NA
CVE-2014-8104
OpenVPN 2.x prior to 2.0.11, 2.1.x, 2.2.x prior to 2.2.3, and 2.3.x prior to 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
Mageia Mageia 4.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Opensuse Opensuse 12.3
Openvpn Openvpn 2.0 Test1
Openvpn Openvpn 2.0 Test11
Openvpn Openvpn 2.0 Test19
Openvpn Openvpn 2.0 Test20
Openvpn Openvpn 2.0 Test27
Openvpn Openvpn 2.0 Test29
Openvpn Openvpn 2.0 Test7
Openvpn Openvpn 2.0 Test9
Openvpn Openvpn 2.0 Rc15
Openvpn Openvpn 2.0 Rc17
Openvpn Openvpn 2.0 Rc4
Openvpn Openvpn 2.0 Rc6
Openvpn Openvpn 2.0.1 Rc1
Openvpn Openvpn 2.0.1 Rc3
Openvpn Openvpn 2.0.1 Rc5
Openvpn Openvpn Access Server 2.0.3
1 Article
NA
CVE-2014-9104
Multiple cross-site request forgery (CSRF) vulnerabilities in the XML-RPC API in the Desktop Client in OpenVPN Access Server 1.5.6 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) disconnecting established VPN...
Openvpn Openvpn Access Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »