Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vpn client vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2019-17388
Weak file permissions applied to the Aviatrix VPN Client up to and including 2.2.10 installation directory on Windows and Linux allow a local malicious user to execute arbitrary code by gaining elevated privileges through file modifications.
Aviatrix Vpn Client
605
VMScore
CVE-2007-4414
Cisco VPN Client on Windows prior to 4.8.02.0010 allows local users to gain privileges by enabling the "Start Before Logon" (SBL) and Microsoft Dial-Up Networking options, and then interacting with the dial-up networking dialog box.
Cisco Vpn Client
641
VMScore
CVE-2019-6724
The barracudavpn component of the Barracuda VPN Client prior to version 5.0.2.7 for Linux, macOS, and OpenBSD runs as a privileged process and can allow an unprivileged local malicious user to load a malicious library, resulting in arbitrary code executing as root.
Barracuda Vpn Client
NA
CVE-2022-46782
An issue exists in Stormshield SSL VPN Client prior to 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator on the local machine.
Stormshield Ssl Vpn Client
NA
CVE-2022-46783
An issue exists in Stormshield SSL VPN Client prior to 3.2.0. If multiple address books are used, an attacker may be able to access the other encrypted address book.
Stormshield Ssl Vpn Client
614
VMScore
CVE-2010-3361
The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Shrew Vpn Client 2.1.5
516
VMScore
CVE-2018-13283
Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client prior to 1.2.5-0226 allows remote malicious users to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.
Synology Ssl Vpn Client
NA
CVE-2021-27932
Stormshield Network Security (SNS) VPN SSL Client 2.1.0 up to and including 2.8.0 has Insecure Permissions.
Stormshield Ssl Vpn Client
187
VMScore
CVE-2005-0346
SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process.
Safenet Softremote Vpn Client
NA
CVE-2023-5748
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client prior to 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors.
Synology Ssl Vpn Client
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »