Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vpn client vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-4104
An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. *This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN ...
Mozilla Vpn
1 Article
6.5
CVSSv3
CVE-2018-6374
The GUI component (aka PulseUI) in Pulse Secure Desktop Linux clients before PULSE5.2R9.2 and 5.3.x before PULSE5.3R4.2 does not perform strict SSL Certificate Validation. This can lead to the manipulation of the Pulse Connection set.
Pulsesecure Desktop Linux Client
NA
CVE-2009-5007
The Cisco trial client on Linux for Cisco AnyConnect SSL VPN allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files.
Cisco Anyconnect Ssl Vpn -
NA
CVE-2007-5603
Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control prior to 2.1.0.51, and 2.5.x prior to 2.5.0.56, allows remote malicious users to execute arbitrary code via a long string in the second argument to the AddRouteEntry method.
Sonicwall Ssl Vpn
2 EDB exploits
8.5
CVSSv3
CVE-2022-3337
It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/#lock-warp-switch feature being enabled on Zero Trust Platform. ...
Cloudflare Warp Mobile Client
7.8
CVSSv3
CVE-2023-5593
The out-of-bounds write vulnerability in the Windows-based SecuExtender SSL VPN Client software version 4.0.4.0 could allow an authenticated local user to gain a privilege escalation by sending a crafted CREATE message.
Zyxel Secuextender Ssl Vpn 4.0.4.0
NA
CVE-2006-3551
NCP Secure Enterprise Client (aka VPN/PKI client) 8.30 Build 59, and possibly earlier versions, when the Link Firewall and Personal Firewall are both configured to block all inbound and outbound network traffic, allows context-dependent malicious users to send inbound UDP traffic...
Ncp Network Communications Secure Client
7.1
CVSSv3
CVE-2021-1493
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote malicious user to cause a buffer overflow on an affected system. The vulnerability is due to in...
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance Software
7.5
CVSSv3
CVE-2017-17543
Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions, due to the use of a static encrypt...
Fortinet Forticlient
Fortinet Forticlient Sslvpn Client
7.5
CVSSv3
CVE-2020-3259
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to retrieve memory contents on an affected device, which could lead to the dis...
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance Software
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »