Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openvpn openvpn vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2018-10204
PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "sevpnclient" service. When configured to use the OpenVPN protocol, the "sevpnclient" service executes "openvpn.exe" using the OpenVPN config file located at %P...
Purevpn Purevpn 6.0.1
801
VMScore
CVE-2018-9105
NordVPN 3.3.10 for macOS suffers from a root privilege escalation vulnerability. The vulnerability stems from its privileged helper tool's implemented XPC service. This XPC service is responsible for receiving and processing new OpenVPN connection requests from the main appl...
Nordvpn Nordvpn 3.3.10
801
VMScore
CVE-2018-7311
PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability. The software installs a privileged helper tool that runs as the root user. This privileged helper tool is installed as a LaunchDaemon and implements an XPC service. The XPC service is responsible ...
Privatevpn Privatevpn 2.0.31
801
VMScore
CVE-2006-1629
OpenVPN 2.0 up to and including 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable.
Openvpn Openvpn 2.0
Openvpn Openvpn Access Server 2.0.3
Openvpn Openvpn 2.0.4
Openvpn Openvpn Access Server 2.0.5
Openvpn Openvpn Access Server 2.0.1
Openvpn Openvpn Access Server 2.0.2
696
VMScore
CVE-2014-5455
Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.
Openvpn Openvpn 2.1.28.0
Privatetunnel Privatetunnel 2.3.8
1 EDB exploit
2 Github repositories
694
VMScore
CVE-2021-31605
furlongm openvpn-monitor up to and including 1.1.3 allows %0a command injection via the OpenVPN management interface socket. This can shut down the server via signal%20SIGTERM.
Openvpn-monitor Project Openvpn-monitor
1 Github repository
694
VMScore
CVE-2014-2264
The OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote malicious users to obtain access via a VPN session.
Synology Diskstation Manager 4.3-3810
676
VMScore
CVE-2008-3459
Unspecified vulnerability in OpenVPN 2.1-beta14 up to and including 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted (1) lladdr and (2) iproute configuration directives, probably related to shell metacharacters.
Openvpn Openvpn 2.1
668
VMScore
CVE-2022-0547
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.
Openvpn Openvpn
Fedoraproject Fedora 34
Fedoraproject Fedora 36
Debian Debian Linux 9.0
668
VMScore
CVE-2021-3773
A flaw in netfilter could allow a network-connected malicious user to infer openvpn connection endpoint information for further use in traditional network attacks.
Linux Linux Kernel
Fedoraproject Fedora 34
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »