Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vpn client vulnerabilities and exploits
(subscribe to this query)
6
CVSSv3
CVE-2021-36809
A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client.
Sophos Ssl Vpn Client -
7.8
CVSSv3
CVE-2020-5144
SonicWall Global VPN client version 4.10.4.0314 and previous versions allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability.
Sonicwall Global Vpn Client
8.6
CVSSv3
CVE-2020-5145
SonicWall Global VPN client version 4.10.4.0314 and previous versions have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system.
Sonicwall Global Vpn Client
NA
CVE-2008-0324
Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.
Cisco Vpn Client 5.0.2.0090
1 EDB exploit
7.8
CVSSv3
CVE-2021-27932
Stormshield Network Security (SNS) VPN SSL Client 2.1.0 up to and including 2.8.0 has Insecure Permissions.
Stormshield Ssl Vpn Client
7.8
CVSSv3
CVE-2021-20037
SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host operating system. This vulnerability impacts GVC 4.10.5 installer and previous ver...
Sonicwall Global Vpn Client
7.8
CVSSv3
CVE-2021-20047
SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and previous versions have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in remote code execution in the target system.
Sonicwall Global Vpn Client
7.8
CVSSv3
CVE-2022-46782
An issue exists in Stormshield SSL VPN Client prior to 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator on the local machine.
Stormshield Ssl Vpn Client
5.3
CVSSv3
CVE-2022-46783
An issue exists in Stormshield SSL VPN Client prior to 3.2.0. If multiple address books are used, an attacker may be able to access the other encrypted address book.
Stormshield Ssl Vpn Client
5.5
CVSSv3
CVE-2023-5748
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client prior to 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors.
Synology Ssl Vpn Client
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »