Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openvpn openvpn vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2018-11479
The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \\.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVPN process...
Windscribe Windscribe 1.81
NA
CVE-2024-27459
OpenVPN Security fixes: windows: fix a possible stack overflow in the interactive service component which might lead to a local privilege escalation.
6.4
CVSSv2
CVE-2020-15473
In nDPI up to and including 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c.
Ntop Ndpi
NA
CVE-2023-24181
LuCI openwrt-22.03 branch git-22.361.69894-438c598 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /openvpn/pageswitch.htm.
Openwrt Luci 22.03.3
4.6
CVSSv2
CVE-2020-5180
Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to set a subset of OpenVPN parameters, which can be used to load a malicious library into the memory of the OpenVPN process, leading to limited local privilege escalation. (When a VPN connection is initiated using a...
Sparklabs Viscosity 1.8.2
9
CVSSv2
CVE-2018-10204
PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "sevpnclient" service. When configured to use the OpenVPN protocol, the "sevpnclient" service executes "openvpn.exe" using the OpenVPN config file located at %P...
Purevpn Purevpn 6.0.1
NA
CVE-2023-6247
The PKCS#7 parser in OpenVPN 3 Core Library versions up to and including 3.8.3 did not properly validate the parsed data, which would result in the application crashing.
5
CVSSv2
CVE-2019-6628
On BIG-IP PEM 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, under certain conditions, the TMM process may terminate and restart while processing BIG-IP PEM traffic with the OpenVPN classifier.
F5 Big-ip Policy Enforcement Manager
7.2
CVSSv2
CVE-2018-10645
Golden Frog VyprVPN 2.12.1.8015 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "VyprVPN" service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. The "SetPrope...
Goldenfrog Vyprvpn 2.12.1.8015
6.8
CVSSv2
CVE-2020-27649
Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) prior to 1.2.4-8081 allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Synology Router Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »