Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
private internet access vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-15590
A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 up to and including 2.3+ allows remote malicious users to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a &ld...
Privateinternetaccess Private Internet Access Vpn Client
4.9
CVSSv2
CVE-2019-9529
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default. This could allow an unauthenticated, local attacker connected to the device to access the portal and to make any change to the device.
Cobham Explorer 710 Firmware 1.07
4.9
CVSSv2
CVE-2019-9530
The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. This could allow an unauthenticated, local attacker connected to the device to access and download any file found in the web root directory.
Cobham Explorer 710 Firmware 1.07
10
CVSSv2
CVE-2019-9531
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to port 5454. This could allow an unauthenticated, remote malicious user to connect to this port via Telnet and execute 86 Attention (AT) commands, including some that prov...
Cobham Explorer 710 Firmware 1.07
2.1
CVSSv2
CVE-2019-9532
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext. This could allow an unauthenticated, local malicious user to intercept the password and gain access to the portal.
Cobham Explorer 710 Firmware 1.07
10
CVSSv2
CVE-2019-9533
The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08. This could allow an malicious user to reverse-engineer the password from available versions to gain authenticated access to the device.
Cobham Explorer 710 Firmware 1.07
7.2
CVSSv2
CVE-2019-9534
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local malicious user to upload their own firmwar...
Cobham Explorer 710 Firmware 1.07
6.6
CVSSv2
CVE-2019-12573
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local malicious user to overwrite arbitrary files. The openvpn_launcher binary is setuid root. This binary supports the --log option, which acc...
Londontrustmedia Private Internet Access Vpn Client 82
7.2
CVSSv2
CVE-2019-12579
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local malicious user to run arbitrary code with elevated privileges. The PIA Linux/macOS binary openvpn_launcher.64 binary is setuid root. This...
Londontrustmedia Private Internet Access Vpn Client 82
6.6
CVSSv2
CVE-2019-12571
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v0.9.8 beta (build 02099) for macOS could allow an authenticated, local malicious user to overwrite arbitrary files. When the client initiates a connection, the XML /tmp/pia-watcher.plist file is c...
Londontrustmedia Private Internet Access Vpn Client 0.9.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »