Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openvpn vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2018-7544
A cross-protocol scripting issue exists in the management interface in OpenVPN up to and including 2.4.5. When this interface is enabled over TCP without a password, and when no other clients are connected to this interface, attackers can execute arbitrary management commands, ob...
Openvpn Openvpn
9.8
CVSSv3
CVE-2018-7715
PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability with its com.privat.vpn.helper privileged helper tool. This privileged helper tool implements an XPC service that allows arbitrary installed applications to connect and send messages. The XPC servi...
Privatevpn Privatevpn 2.0.31
9.8
CVSSv3
CVE-2018-7716
PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability with its com.privat.vpn.helper privileged helper tool. This privileged helper tool implements an XPC service that allows arbitrary installed applications to connect and send messages. The XPC servi...
Privatevpn Privatevpn 2.0.31
8.8
CVSSv3
CVE-2018-7311
PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability. The software installs a privileged helper tool that runs as the root user. This privileged helper tool is installed as a LaunchDaemon and implements an XPC service. The XPC service is responsible ...
Privatevpn Privatevpn 2.0.31
7.8
CVSSv3
CVE-2017-17809
In Golden Frog VyprVPN prior to 2.15.0.5828 for macOS, the vyprvpnservice launch daemon has an unprotected XPC service that allows malicious users to update the underlying OpenVPN configuration and the arguments passed to the OpenVPN binary when executed. An attacker can abuse th...
Goldenfrog Vyprvpn
9.8
CVSSv3
CVE-2017-12166
OpenVPN versions prior to 2.3.3 and 2.4.x prior to 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.
Openvpn Openvpn
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2017-7508
OpenVPN versions prior to 2.4.3 and prior to 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet.
Openvpn Openvpn
Openvpn Openvpn 2.4.1
Openvpn Openvpn 2.4.2
Openvpn Openvpn 2.4.0
1 Article
7.4
CVSSv3
CVE-2017-7520
OpenVPN versions prior to 2.4.3 and prior to 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker.
Openvpn Openvpn 2.4.0
Openvpn Openvpn 2.4.1
Openvpn Openvpn 2.4.2
Openvpn Openvpn
1 Article
5.9
CVSSv3
CVE-2017-7521
OpenVPN versions prior to 2.4.3 and prior to 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension().
Openvpn Openvpn
Openvpn Openvpn 2.4.0
Openvpn Openvpn 2.4.2
Openvpn Openvpn 2.4.1
1 Article
6.5
CVSSv3
CVE-2017-7522
OpenVPN versions prior to 2.4.3 and prior to 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.
Openvpn Openvpn 2.4.0
Openvpn Openvpn 2.4.1
Openvpn Openvpn
Openvpn Openvpn 2.4.2
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »