Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vpn client vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-7098
OpenConnect VPN client with GnuTLS prior to 5.02 contains a heap overflow if MTU is increased on reconnection.
Infradead Openconnect
2.9
CVSSv2
CVE-2019-15126
An issue exists on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the a...
Apple Ipados
Apple Iphone Os
Apple Mac Os X
Broadcom Bcm4389 Firmware -
Broadcom Bcm43012 Firmware -
Broadcom Bcm43013 Firmware -
Broadcom Bcm4375 Firmware -
Broadcom Bcm43752 Firmware -
Broadcom Bcm4356 Firmware -
1 EDB exploit
5 Github repositories
2 Articles
4.6
CVSSv2
CVE-2020-5180
Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to set a subset of OpenVPN parameters, which can be used to load a malicious library into the memory of the OpenVPN process, leading to limited local privilege escalation. (When a VPN connection is initiated using a...
Sparklabs Viscosity 1.8.2
7.2
CVSSv2
CVE-2019-17387
An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client up to and including 2.2.10 allows an malicious user to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS.
Aviatrix Vpn Client
7.2
CVSSv2
CVE-2019-17388
Weak file permissions applied to the Aviatrix VPN Client up to and including 2.2.10 installation directory on Windows and Linux allow a local malicious user to execute arbitrary code by gaining elevated privileges through file modifications.
Aviatrix Vpn Client
7.2
CVSSv2
CVE-2019-6145
Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar...
Forcepoint Vpn Client
7.5
CVSSv2
CVE-2019-16239
process_http_response in OpenConnect prior to 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
Infradead Openconnect
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.0
Opensuse Leap 15.1
7.2
CVSSv2
CVE-2019-12575
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local malicious user to run arbitrary code with elevated privileges. The root_runner.64 binary is setuid root. This binary executes /opt/pia/ruby/64/ruby...
Londontrustmedia Private Internet Access Vpn Client 82
7.2
CVSSv2
CVE-2019-12577
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS could allow an authenticated, local malicious user to run arbitrary code with elevated privileges. The macOS binary openvpn_launcher.64 is setuid root. This binary creates /tmp/pia_up...
Londontrustmedia Private Internet Access Vpn Client 82
7.2
CVSSv2
CVE-2019-12578
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local malicious user to run arbitrary code with elevated privileges. The openvpn_launcher.64 binary is setuid root. This binary executes /opt/pia/openvpn...
Londontrustmedia Private Internet Access Vpn Client 82
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »