Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openvpn openvpn vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-7224
The Aviatrix OpenVPN client up to and including 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL parameters are altered from the issued value set; the parameters could allow unauthorized third-party libraries to load.
Aviatrix Openvpn
668
VMScore
CVE-2020-8953
OpenVPN Access Server 2.8.x prior to 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication).
Openvpn Openvpn Access Server
668
VMScore
CVE-2005-3393
Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option.
Openvpn Openvpn Access Server 2.0.1
Openvpn Openvpn Access Server 2.0.2
Openvpn Openvpn 2.0
Openvpn Openvpn 2.0 Beta11
641
VMScore
CVE-2021-33526
In MB connect line mbDIALUP versions <= 3.9R0.0 a low privileged local attacker can send a command to the service running with NT AUTHORITY\SYSTEM instructing it to execute a malicous OpenVPN configuration resulting in arbitrary code execution with the privileges of the servic...
Mbconnectline Mbdialup
641
VMScore
CVE-2021-35523
Securepoint SSL VPN Client v2 prior to 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and a...
Securepoint Openvpn-client
641
VMScore
CVE-2020-15076
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp.
Openvpn Private Tunnel
641
VMScore
CVE-2020-27518
All versions of Windscribe VPN for Mac and Windows <= v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM.
Windscribe Windscribe
641
VMScore
CVE-2020-27519
Pritunl Client v1.2.2550.20 contains a local privilege escalation vulnerability in the pritunl-service component. The attack vector is: malicious openvpn config. A local attacker could leverage the log and log-append along with log injection to create or append to privileged scri...
Pritunl Pritunl-client-electron 1.2.2550.20
641
VMScore
CVE-2020-9442
OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there.
Openvpn Connect
1 Github repository
641
VMScore
CVE-2019-12578
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local malicious user to run arbitrary code with elevated privileges. The openvpn_launcher.64 binary is setuid root. This binary executes /opt/pia/openvpn...
Londontrustmedia Private Internet Access Vpn Client 82
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »