Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco anyconnect secure mobility client vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-6638
A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local malicious user to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account. The vulnerability is d...
Cisco Anyconnect Secure Mobility Client
1 Github repository
7.8
CVSSv3
CVE-2017-3813
A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local malicious user to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient i...
Cisco Anyconnect Secure Mobility Client 4.1.08005
Cisco Anyconnect Secure Mobility Client 4.2.04039
Cisco Anyconnect Secure Mobility Client 4.0.00052
Cisco Anyconnect Secure Mobility Client 4.0.00061
Cisco Anyconnect Secure Mobility Client 4.2.00096
Cisco Anyconnect Secure Mobility Client 4.2.01022
Cisco Anyconnect Secure Mobility Client 4.3.00748
Cisco Anyconnect Secure Mobility Client 4.3.01095
Cisco Anyconnect Secure Mobility Client 4.2.05015
Cisco Anyconnect Secure Mobility Client 4.2.06014
Cisco Anyconnect Secure Mobility Client 4.0.00057
Cisco Anyconnect Secure Mobility Client 4.0.00048
Cisco Anyconnect Secure Mobility Client 4.1.00028
Cisco Anyconnect Secure Mobility Client 4.1.02011
Cisco Anyconnect Secure Mobility Client 4.2.01035
Cisco Anyconnect Secure Mobility Client 4.2.02075
Cisco Anyconnect Secure Mobility Client 4.3.02039
Cisco Anyconnect Secure Mobility Client 4.3.03086
Cisco Anyconnect Secure Mobility Client 4.1.04011
Cisco Anyconnect Secure Mobility Client 4.1.06013
Cisco Anyconnect Secure Mobility Client 4.1.06020
Cisco Anyconnect Secure Mobility Client 4.2.03013
1 EDB exploit
7.8
CVSSv3
CVE-2016-9192
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local malicious user to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. More Information: CSC...
Cisco Anyconnect Secure Mobility Client 3.1\\(60\\)
Cisco Anyconnect Secure Mobility Client 4.0\\(64\\)
Cisco Anyconnect Secure Mobility Client 4.0.00048
Cisco Anyconnect Secure Mobility Client 3.1.05187
Cisco Anyconnect Secure Mobility Client 3.1.06073
Cisco Anyconnect Secure Mobility Client 4.0.00051
Cisco Anyconnect Secure Mobility Client 4.0\\(48\\)
Cisco Anyconnect Secure Mobility Client 4.3.00748
Cisco Anyconnect Secure Mobility Client 4.1\\(8\\)
Cisco Anyconnect Secure Mobility Client 4.3.01095
Cisco Anyconnect Secure Mobility Client 4.2.04039
Cisco Anyconnect Secure Mobility Client 3.1.07021
Cisco Anyconnect Secure Mobility Client 4.0\\(2049\\)
Cisco Anyconnect Secure Mobility Client 3.1.05182
Cisco Anyconnect Secure Mobility Client 3.1.02043
Cisco Anyconnect Secure Mobility Client 4.1.0
Cisco Anyconnect Secure Mobility Client 4.0.0
Cisco Anyconnect Secure Mobility Client 4.2.0
Cisco Anyconnect Secure Mobility Client 3.1.0
Cisco Anyconnect Secure Mobility Client 4.3.0
1 Github repository
7.8
CVSSv3
CVE-2016-6369
Cisco AnyConnect Secure Mobility Client prior to 4.2.05015 and 4.3.x prior to 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464.
Cisco Anyconnect Secure Mobility Client 2.5.2006
Cisco Anyconnect Secure Mobility Client 2.5.2011
Cisco Anyconnect Secure Mobility Client 3.0.1047
Cisco Anyconnect Secure Mobility Client 2.0.0343
Cisco Anyconnect Secure Mobility Client 2.3.0185
Cisco Anyconnect Secure Mobility Client 2.3.1003
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 3.0.3054
Cisco Anyconnect Secure Mobility Client 3.0.09266
Cisco Anyconnect Secure Mobility Client 3.1.05182
Cisco Anyconnect Secure Mobility Client 4.0\\(64\\)
Cisco Anyconnect Secure Mobility Client 3.1.07021
Cisco Anyconnect Secure Mobility Client 4.0\\(2049\\)
Cisco Anyconnect Secure Mobility Client 4.2.04039
Cisco Anyconnect Secure Mobility Client 4.3.00748
Cisco Anyconnect Secure Mobility Client 2.5.2017
Cisco Anyconnect Secure Mobility Client 2.5.2018
Cisco Anyconnect Secure Mobility Client 2.5.2019
Cisco Anyconnect Secure Mobility Client 2.5.3041
Cisco Anyconnect Secure Mobility Client 2.5.3046
Cisco Anyconnect Secure Mobility Client 2.5.3051
Cisco Anyconnect Secure Mobility Client 2.5.3054
7.5
CVSSv3
CVE-2016-2180
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL up to and including 1.0.2h allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a cr...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.2g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.2h
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.1t
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
7.5
CVSSv3
CVE-2015-3193
The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 prior to 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote malicious users to obt...
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
Nodejs Node.js
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
1 Github repository
NA
CVE-2015-1794
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 prior to 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
1 Article
NA
CVE-2015-6322
The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 up to and including 4.1(8) allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-path validation, aka Bug ID CSCuv48563.
Cisco Anyconnect Secure Mobility Client 2.3.0254
Cisco Anyconnect Secure Mobility Client 2.3.2016
Cisco Anyconnect Secure Mobility Client 2.5.2011
Cisco Anyconnect Secure Mobility Client 2.5.2017
Cisco Anyconnect Secure Mobility Client 2.5.3051
Cisco Anyconnect Secure Mobility Client 2.5.3055
Cisco Anyconnect Secure Mobility Client 3.0.4235
Cisco Anyconnect Secure Mobility Client 3.0.5080
Cisco Anyconnect Secure Mobility Client 3.1.05187
Cisco Anyconnect Secure Mobility Client 3.1.07021
Cisco Anyconnect Secure Mobility Client 4.0\\(64\\)
Cisco Anyconnect Secure Mobility Client 4.0\\(2049\\)
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 2.5 Base
Cisco Anyconnect Secure Mobility Client 2.5.0217
Cisco Anyconnect Secure Mobility Client 2.5.2006
Cisco Anyconnect Secure Mobility Client 3.0.0629
Cisco Anyconnect Secure Mobility Client 3.0.1047
Cisco Anyconnect Secure Mobility Client 3.0.2052
Cisco Anyconnect Secure Mobility Client 3.0.3050
Cisco Anyconnect Secure Mobility Client 3.1\\(60\\)
Cisco Anyconnect Secure Mobility Client 4.0.0
NA
CVE-2015-6306
Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation file, aka Bug ID CSCuv11947.
Cisco Anyconnect Secure Mobility Client 4.1.\\(8\\)
1 EDB exploit
NA
CVE-2015-6305
Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 up to and including 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, ...
Cisco Anyconnect Secure Mobility Client 2.1.0.148
Cisco Anyconnect Secure Mobility Client 2.2.0136
Cisco Anyconnect Secure Mobility Client 2.3.2016
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 2.5.2017
Cisco Anyconnect Secure Mobility Client 2.5.2019
Cisco Anyconnect Secure Mobility Client 3.0.0629
Cisco Anyconnect Secure Mobility Client 3.0.2052
Cisco Anyconnect Secure Mobility Client 3.0.5080
Cisco Anyconnect Secure Mobility Client 3.0.09266
Cisco Anyconnect Secure Mobility Client 3.1.07021
Cisco Anyconnect Secure Mobility Client 4.0.0
Cisco Anyconnect Secure Mobility Client 2.5.0217
Cisco Anyconnect Secure Mobility Client 2.5.2006
Cisco Anyconnect Secure Mobility Client 2.5.2010
Cisco Anyconnect Secure Mobility Client 2.5.2011
Cisco Anyconnect Secure Mobility Client 3.0.3050
Cisco Anyconnect Secure Mobility Client 3.0.3054
Cisco Anyconnect Secure Mobility Client 3.0.4235
Cisco Anyconnect Secure Mobility Client 3.0.5075
Cisco Anyconnect Secure Mobility Client 4.0.00048
Cisco Anyconnect Secure Mobility Client 4.0.00051
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »