Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anyconnect secure mobility client vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-0664
The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and previous versions allows local users to write to arbitrary userspace memory locations, and consequently gain privileges, via crafted messages, aka Bug ID CSCus79195.
Cisco Anyconnect Secure Mobility Client
7.2
CVSSv2
CVE-2021-1237
A vulnerability in the Network Access Manager and Web Security Agent components of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local malicious user to perform a DLL injection attack. To exploit this vulnerability, the attacker would need to h...
Cisco Anyconnect Secure Mobility Client
7.2
CVSSv2
CVE-2020-3433
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local malicious user to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid creden...
Cisco Anyconnect Secure Mobility Client
1 Article
5
CVSSv2
CVE-2014-3314
Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote malicious users to spoof authentication forms and possibly capture credentials via unspecified vectors, aka Bug IDs CSCuo24931 and CSCuo24940.
Cisco Anyconnect Secure Mobility Client
7.2
CVSSv2
CVE-2017-6638
A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local malicious user to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account. The vulnerability is d...
Cisco Anyconnect Secure Mobility Client
1 Github repository
6.8
CVSSv2
CVE-2015-0755
The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secure Mobility Client 4.0(64), allows local users to gain privileges via unspecified commands, aka Bug ID CSCut05797.
Cisco Anyconnect Secure Mobility Client 4.0\\(64\\)
6.4
CVSSv2
CVE-2015-4289
Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.0(2049) allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920.
Cisco Anyconnect Secure Mobility Client 4.0\\(2049\\)
NA
CVE-2023-36672
An issue exists in the Clario VPN client up to and including 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subn...
Clario Vpn
2 Articles
NA
CVE-2023-36673
An issue exists in Avira Phantom VPN up to and including 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel, even if this traffic is not generated by ...
Avira Phantom Vpn
2 Articles
NA
CVE-2023-20178
A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local malicious user to elevate privileges to those of SYSTEM. The client update ...
Cisco Secure Client
Cisco Anyconnect Secure Mobility Client
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »