Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anyconnect secure mobility client vulnerabilities and exploits
(subscribe to this query)
6.6
CVSSv2
CVE-2015-0663
Cisco AnyConnect Secure Mobility Client 4.0(.00051) and previous versions does not properly implement access control for IPC messages, which allows local users to write to arbitrary files via crafted messages, aka Bug ID CSCus79392.
Cisco Anyconnect Secure Mobility Client
4.3
CVSSv2
CVE-2015-0664
The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and previous versions allows local users to write to arbitrary userspace memory locations, and consequently gain privileges, via crafted messages, aka Bug ID CSCus79195.
Cisco Anyconnect Secure Mobility Client
6.6
CVSSv2
CVE-2015-0665
The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and previous versions allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173.
Cisco Anyconnect Secure Mobility Client
5
CVSSv2
CVE-2014-3314
Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote malicious users to spoof authentication forms and possibly capture credentials via unspecified vectors, aka Bug IDs CSCuo24931 and CSCuo24940.
Cisco Anyconnect Secure Mobility Client
7.2
CVSSv2
CVE-2017-6638
A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local malicious user to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account. The vulnerability is d...
Cisco Anyconnect Secure Mobility Client
1 Github repository
6.8
CVSSv2
CVE-2015-0755
The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secure Mobility Client 4.0(64), allows local users to gain privileges via unspecified commands, aka Bug ID CSCut05797.
Cisco Anyconnect Secure Mobility Client 4.0\\(64\\)
6.4
CVSSv2
CVE-2015-4289
Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.0(2049) allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920.
Cisco Anyconnect Secure Mobility Client 4.0\\(2049\\)
NA
CVE-2023-36672
An issue exists in the Clario VPN client up to and including 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subn...
Clario Vpn
2 Articles
NA
CVE-2023-36673
An issue exists in Avira Phantom VPN up to and including 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel, even if this traffic is not generated by ...
Avira Phantom Vpn
2 Articles
NA
CVE-2023-20178
A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local malicious user to elevate privileges to those of SYSTEM. The client update ...
Cisco Secure Client
Cisco Anyconnect Secure Mobility Client
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »