Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anyconnect vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-1519
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local malicious user to overwrite VPN profiles on an affected device. The vulnerability is due to insufficient validation of user-supp...
Cisco Anyconnect Secure Mobility Client
5.5
CVSSv3
CVE-2021-1258
A vulnerability in the upgrade component of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker with low privileges to read arbitrary files on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient fil...
Cisco Anyconnect Secure Mobility Client
Mcafee Agent Epolicy Orchestrator Extension
4.4
CVSSv3
CVE-2018-0100
A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, local malicious user to have read and write access to information stored in the affected system. The vulnerability is due to improper handling of the XML External ...
Cisco Anyconnect Secure Mobility Client
5.7
CVSSv3
CVE-2023-36672
An issue exists in the Clario VPN client up to and including 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subn...
Clario Vpn
2 Articles
7.3
CVSSv3
CVE-2023-36673
An issue exists in Avira Phantom VPN up to and including 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel, even if this traffic is not generated by ...
Avira Phantom Vpn
2 Articles
NA
CVE-2015-4211
Cisco AnyConnect Secure Mobility Client 3.1(60) on Windows does not properly validate pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCus65862.
Cisco Anyconnect Secure Mobility Client 3.1\\(60\\)
6.5
CVSSv3
CVE-2017-12268
A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local malicious user to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enf...
Cisco Anyconnect Secure Mobility Client 4.5\\(822\\)
7.5
CVSSv3
CVE-2019-1853
A vulnerability in the HostScan component of Cisco AnyConnect Secure Mobility Client for Linux could allow an unauthenticated, remote malicious user to read sensitive information on an affected system. The vulnerability exists because the affected software performs improper bound...
Cisco Anyconnect Secure Mobility Client 4.6\\(2074\\)
5.5
CVSSv3
CVE-2021-1450
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local malicious user to cause a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker would need...
Cisco Anyconnect Secure Mobility Client 4.9\\(5086\\)
7.3
CVSSv3
CVE-2020-3556
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local malicious user to cause a targeted AnyConnect user to execute a malicious script. The vulnerability is due to a lack of authenti...
Cisco Anyconnect Secure Mobility Client 4.9\\(3052\\)
Cisco Anyconnect Secure Mobility Client 98.145\\(86\\)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »