Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssl vpn vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-2583
Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control (Aventail.EPInstaller) prior to 10.5.2 and 10.0.5 hotfix 3 allows remote malicious users to execute arbitrary code via long (1) CabURL and (2) Location arguments to the Install3rdPar...
Sonicwall Ssl-vpn End-point Interrogator\\/installer Activex Control
Sonicwall Ssl-vpn End-point Interrogator\\/installer Activex Control 10.0.5
NA
CVE-2012-4043
Cross-site scripting (XSS) vulnerability in global-protect/login.esp in Palo Alto Networks Global Protect Portal, Global Protect Gateway, and SSL VPN portals 3.1.x up to and including 3.1.11 and 4.0.x up to and including 4.0.5 allows remote malicious users to inject arbitrary web...
Palo Alto Networks Global Protect Portal
Palo Alto Global Protected Gateway 3.1.11
Palo Alto Global Protected Gateway 3.1
Palo Alto Global Protected Gateway 4.0
Palo Alto Ssl Vpn 4.0.5
Palo Alto Global Protected Gateway 4.0.5
Palo Alto Ssl Vpn 3.1
Palo Alto Ssl Vpn 3.1.11
Palo Alto Ssl Vpn 4.0
7.8
CVSSv3
CVE-2023-5593
The out-of-bounds write vulnerability in the Windows-based SecuExtender SSL VPN Client software version 4.0.4.0 could allow an authenticated local user to gain a privilege escalation by sending a crafted CREATE message.
Zyxel Secuextender Ssl Vpn 4.0.4.0
NA
CVE-2008-2637
Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN 6.0.2 hotfix 3, and possibly earlier versions, allow remote malicious users to inject arbitrary web script or HTML via quotes in (1) the css_exceptions parameter in vdesk/admincon/webyfiers.php and (2) the...
F5 Firepass Ssl Vpn 6.0.2
2 EDB exploits
6.5
CVSSv3
CVE-2019-12677
A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote malicious user to cause a denial of service (DoS) condition that prevents the creation of new SSL/Transport Layer Security (TLS) ...
Cisco Adaptive Security Appliance Software
1 Article
7.5
CVSSv3
CVE-2020-3529
A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to cause a reload of an affected device, resulting in a denial of servic...
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance
Cisco Adaptive Security Appliance Software
8.6
CVSSv3
CVE-2020-3358
A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote malicious user to cause the device to unexpectedly restart, causing a denial of service (DoS) condition. The vulnerability is due to a lack...
Cisco Rv340 Dual Wan Gigabit Vpn Router Firmware
Cisco Rv340w Dual Wan Gigabit Wireless-ac Vpn Router Firmware
Cisco Rv345 Dual Wan Gigabit Vpn Router Firmware
Cisco Rv345p Dual Wan Gigabit Poe Vpn Router Firmware
1 Article
7.1
CVSSv3
CVE-2022-20737
A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote malicious user to cause a denial of service (DoS) condition on an affected ...
Cisco Adaptive Security Appliance Software
7.5
CVSSv3
CVE-2022-23746
The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender (SNX). If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords.
Checkpoint Ssl Network Extender R81.10
Checkpoint Ssl Network Extender R80.20
Checkpoint Ssl Network Extender R80.20sp
Checkpoint Ssl Network Extender R80.30
Checkpoint Ssl Network Extender R80.30sp
Checkpoint Ssl Network Extender R80.40
Checkpoint Ssl Network Extender R81
NA
CVE-2001-0427
Cisco VPN 3000 series concentrators prior to 2.5.2(F) allow remote malicious users to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts.
Cisco Vpn 3030 Concentator
Cisco Vpn 3060 Concentrator
Cisco Vpn 3005 Concentrator
Cisco Vpn 3015 Concentrator
Cisco Vpn 3000 Concentrator
Cisco Vpn 3080 Concentrator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »