Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vpn client vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0346
SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process.
Safenet Softremote Vpn Client
7.4
CVSSv3
CVE-2018-13283
Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client prior to 1.2.5-0226 allows remote malicious users to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.
Synology Ssl Vpn Client
7.8
CVSSv3
CVE-2021-20037
SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host operating system. This vulnerability impacts GVC 4.10.5 installer and previous ver...
Sonicwall Global Vpn Client
7.8
CVSSv3
CVE-2021-20047
SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and previous versions have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in remote code execution in the target system.
Sonicwall Global Vpn Client
7.8
CVSSv3
CVE-2021-20051
SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and previous versions versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target sy...
Sonicwall Global Vpn Client
8.6
CVSSv3
CVE-2020-5145
SonicWall Global VPN client version 4.10.4.0314 and previous versions have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system.
Sonicwall Global Vpn Client
8.1
CVSSv3
CVE-2018-8929
Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client prior to 1.2.4-0224 allows remote malicious users to conduct man-in-the-middle attacks via a crafted payload.
Synology Ssl Vpn Client
7.8
CVSSv3
CVE-2021-27932
Stormshield Network Security (SNS) VPN SSL Client 2.1.0 up to and including 2.8.0 has Insecure Permissions.
Stormshield Ssl Vpn Client
6
CVSSv3
CVE-2021-36809
A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client.
Sophos Ssl Vpn Client -
7.8
CVSSv3
CVE-2022-46782
An issue exists in Stormshield SSL VPN Client prior to 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator on the local machine.
Stormshield Ssl Vpn Client
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »