Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openconnect vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-7098
OpenConnect VPN client with GnuTLS prior to 5.02 contains a heap overflow if MTU is increased on reconnection.
Infradead Openconnect
4.3
CVSSv2
CVE-2020-12105
OpenConnect up to and including 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks.
Infradead Openconnect
Opensuse Leap 15.1
7.5
CVSSv2
CVE-2020-12823
OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.
Infradead Openconnect 8.09
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Leap 15.2
7.5
CVSSv2
CVE-2019-16239
process_http_response in OpenConnect prior to 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
Infradead Openconnect
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.0
Opensuse Leap 15.1
6.4
CVSSv2
CVE-2022-31524
The PureStorage-OpenConnect/swagger repository up to and including 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Purestorage Pure Swagger
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2