Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vpn client vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0346
SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process.
Safenet Softremote Vpn Client
5.5
CVSSv3
CVE-2023-5748
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client prior to 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors.
Synology Ssl Vpn Client
NA
CVE-2008-0324
Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.
Cisco Vpn Client 5.0.2.0090
1 EDB exploit
7.4
CVSSv3
CVE-2018-13283
Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client prior to 1.2.5-0226 allows remote malicious users to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.
Synology Ssl Vpn Client
7.8
CVSSv3
CVE-2021-20037
SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incorrect default file permission vulnerability leads to privilege escalation which potentially allows command execution in the host operating system. This vulnerability impacts GVC 4.10.5 installer and previous ver...
Sonicwall Global Vpn Client
7.8
CVSSv3
CVE-2021-20047
SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and previous versions have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in remote code execution in the target system.
Sonicwall Global Vpn Client
7.8
CVSSv3
CVE-2021-20051
SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and previous versions versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target sy...
Sonicwall Global Vpn Client
8.1
CVSSv3
CVE-2018-8929
Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client prior to 1.2.4-0224 allows remote malicious users to conduct man-in-the-middle attacks via a crafted payload.
Synology Ssl Vpn Client
6
CVSSv3
CVE-2021-36809
A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client.
Sophos Ssl Vpn Client -
7.8
CVSSv3
CVE-2020-5144
SonicWall Global VPN client version 4.10.4.0314 and previous versions allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability.
Sonicwall Global Vpn Client
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »