Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vpn client vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2018-8929
Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client prior to 1.2.4-0224 allows remote malicious users to conduct man-in-the-middle attacks via a crafted payload.
Synology Ssl Vpn Client
7.8
CVSSv3
CVE-2021-20051
SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and previous versions versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target sy...
Sonicwall Global Vpn Client
7
CVSSv3
CVE-2022-25165
An issue exists in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the validation of VPN configuration files. This allows parameters outside of the AWS VPN Client allow list to be injected into the configuration file prior to the AWS VPN Client service (running...
Amazon Aws Client Vpn 2.0.0
4 Github repositories
5
CVSSv3
CVE-2022-25166
An issue exists in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters (such as auth-user-pass). When this file is imported and the client attempts to validate the file path, it performs an...
Amazon Aws Client Vpn 2.0.0
NA
CVE-2009-2918
The tgbvpn.sys driver in TheGreenBow IPSec VPN Client 4.61.003 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted request to the 0x80000034 IOCTL, probably involving an input or output buffer size of 0.
Thegreenbow Thegreenbow Vpn Client 4.61.003
1 EDB exploit
5.3
CVSSv3
CVE-2020-13413
An issue exists in Aviatrix Controller prior to 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force.
Aviatrix Controller
Aviatrix Vpn Client 2.8.2
7.5
CVSSv3
CVE-2020-15590
A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 up to and including 2.3+ allows remote malicious users to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a &ld...
Privateinternetaccess Private Internet Access Vpn Client
NA
CVE-2002-0852
Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and previous versions allows remote malicious users to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large numb...
Cisco Vpn Client 3.5.1
Cisco Vpn Client 3.5.2
NA
CVE-2002-0853
Cisco Virtual Private Network (VPN) Client 3.5.4 and previous versions allows remote malicious users to cause a denial of service (CPU consumption) via a packet with a zero-length payload.
Cisco Vpn Client 3.5.1
Cisco Vpn Client 3.5.2
NA
CVE-2007-3157
IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote malicious users to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support fo...
Safenet Safenet Highassurance Remote 1.4.0 Build 12
Safenet Softremote Vpn Client 1.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »