Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ipsec client vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2010-0392
Stack-based buffer overflow in vpnconf.exe in TheGreenBow IPSec VPN Client 4.51.001, 4.65.003, and possibly other versions, allows user-assisted remote malicious users to execute arbitrary code via a long OpenScriptAfterUp parameter in a policy (.tgb) file, related to "phase...
Thegreenbow Ipsec Vpn Client 4.51.001
Thegreenbow Ipsec Vpn Client 4.65.003
9.3
CVSSv2
CVE-2017-17023
The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering (www.ncp-e.com). The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the software ...
Sophos Ipsec Client 11.04
Ncp-e Ncp Secure Entry Client 10.11
4.9
CVSSv2
CVE-2008-0324
Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.
Cisco Vpn Client 5.0.2.0090
1 EDB exploit
4
CVSSv2
CVE-2012-2500
Cisco AnyConnect Secure Mobility Client 3.0 prior to 3.0.08057 does not verify the certificate name in an X.509 certificate during WebLaunch of IPsec, which allows man-in-the-middle malicious users to spoof servers via a crafted certificate, aka Bug ID CSCtz29470.
Cisco Anyconnect Secure Mobility Client 3.0.0629
Cisco Anyconnect Secure Mobility Client 3.0.07059
Cisco Anyconnect Secure Mobility Client 3.0
5.8
CVSSv2
CVE-2012-2499
The IPsec implementation in Cisco AnyConnect Secure Mobility Client 3.0 prior to 3.0.08057 does not verify the certificate name in an X.509 certificate, which allows man-in-the-middle malicious users to spoof servers via a crafted certificate, aka Bug ID CSCtz26985.
Cisco Anyconnect Secure Mobility Client 3.0
Cisco Anyconnect Secure Mobility Client 3.0.07059
Cisco Anyconnect Secure Mobility Client 3.0.0629
5.8
CVSSv2
CVE-2022-20742
A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due t...
Cisco Firepower Threat Defense 7.1.0
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance Software
2.1
CVSSv2
CVE-2009-2918
The tgbvpn.sys driver in TheGreenBow IPSec VPN Client 4.61.003 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted request to the 0x80000034 IOCTL, probably involving an input or output buffer size of 0.
Thegreenbow Thegreenbow Vpn Client 4.61.003
1 EDB exploit
7.8
CVSSv2
CVE-2018-0472
A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote malicious user to cause the device to reload. The vulnerability is due to improper process...
Cisco Ios Xe 16.8.1
Cisco Ios Xe 15.5\\(3\\)s5.36
5
CVSSv2
CVE-2007-3157
IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote malicious users to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support fo...
Safenet Safenet Highassurance Remote 1.4.0 Build 12
Safenet Softremote Vpn Client 1.4
1 EDB exploit
7.5
CVSSv2
CVE-2005-3915
The Internet Key Exchange version 1 (IKEv1) implementation in Clavister Client Web allows remote malicious users to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the l...
Clavister Clavister Security Gateway 8.40.05
Clavister Clavister Security Gateway 8.50.02
Clavister Clavister Security Gateway 8.60.01 Rc1
Clavister Clavister Firewall 8.30.01
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »