Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vpn client vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2005-0346
SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process.
Safenet Softremote Vpn Client
NA
CVE-2022-46782
An issue exists in Stormshield SSL VPN Client prior to 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator on the local machine.
Stormshield Ssl Vpn Client
NA
CVE-2022-46783
An issue exists in Stormshield SSL VPN Client prior to 3.2.0. If multiple address books are used, an attacker may be able to access the other encrypted address book.
Stormshield Ssl Vpn Client
6.9
CVSSv2
CVE-2020-5144
SonicWall Global VPN client version 4.10.4.0314 and previous versions allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability.
Sonicwall Global Vpn Client
NA
CVE-2021-27932
Stormshield Network Security (SNS) VPN SSL Client 2.1.0 up to and including 2.8.0 has Insecure Permissions.
Stormshield Ssl Vpn Client
6.9
CVSSv2
CVE-2020-5145
SonicWall Global VPN client version 4.10.4.0314 and previous versions have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system.
Sonicwall Global Vpn Client
4.9
CVSSv2
CVE-2008-0324
Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.
Cisco Vpn Client 5.0.2.0090
1 EDB exploit
6.9
CVSSv2
CVE-2021-20047
SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and previous versions have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in remote code execution in the target system.
Sonicwall Global Vpn Client
6.9
CVSSv2
CVE-2021-20051
SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and previous versions versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target sy...
Sonicwall Global Vpn Client
5.8
CVSSv2
CVE-2018-13283
Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client prior to 1.2.5-0226 allows remote malicious users to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.
Synology Ssl Vpn Client
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3012
CVE-2024-30200
XXE
CVE-2023-24955
CVE-2023-42931
CVE-2024-29231
remote code execution
cross-site scripting
CVE-2024-0677
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »