Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssl vpn vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-5007
The Cisco trial client on Linux for Cisco AnyConnect SSL VPN allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files.
Cisco Anyconnect Ssl Vpn -
NA
CVE-2010-0703
Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL VPN 4.6 allows remote malicious users to inject arbitrary web script or HTML via the reloadFrame parameter.
Portwise Ssl Vpn 4.6
1 EDB exploit
7.4
CVSSv3
CVE-2018-13283
Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client prior to 1.2.5-0226 allows remote malicious users to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.
Synology Ssl Vpn Client
8.1
CVSSv3
CVE-2018-8929
Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client prior to 1.2.4-0224 allows remote malicious users to conduct man-in-the-middle attacks via a crafted payload.
Synology Ssl Vpn Client
7.8
CVSSv3
CVE-2021-27932
Stormshield Network Security (SNS) VPN SSL Client 2.1.0 up to and including 2.8.0 has Insecure Permissions.
Stormshield Ssl Vpn Client
6
CVSSv3
CVE-2021-36809
A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client.
Sophos Ssl Vpn Client -
7.8
CVSSv3
CVE-2022-46782
An issue exists in Stormshield SSL VPN Client prior to 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator on the local machine.
Stormshield Ssl Vpn Client
5.3
CVSSv3
CVE-2022-46783
An issue exists in Stormshield SSL VPN Client prior to 3.2.0. If multiple address books are used, an attacker may be able to access the other encrypted address book.
Stormshield Ssl Vpn Client
8.8
CVSSv3
CVE-2018-20193
Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC) allow privilege escalation, as demonstrated by Secure Access SSL VPN SA-4000 5.1R5 (build 9627) 4.2 Release (build 7631). This occurs becaus...
Pulsesecure Secure Access Series Ssl Vpn Sa-4000 4.2
Pulsesecure Secure Access Series Ssl Vpn Sa-4000 5.1r5
NA
CVE-2009-2631
Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products...
Cisco Adaptive Security Appliance
Sonicwall E-class Ssl Vpn
Sonicwall Ssl Vpn
Stonesoft Stonegate
Aladdin Safenet Securewire Access Gateway
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »