Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vpn client vulnerabilities and exploits
(subscribe to this query)
5.7
CVSSv3
CVE-2023-36672
An issue exists in the Clario VPN client up to and including 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subn...
Clario Vpn
2 Articles
7.3
CVSSv3
CVE-2023-36673
An issue exists in Avira Phantom VPN up to and including 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel, even if this traffic is not generated by ...
Avira Phantom Vpn
2 Articles
5.7
CVSSv3
CVE-2023-35838
The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into blocking IP traffic to selected IP addresses and ser...
Wireguard Wireguard 0.5.3
1 Article
7.8
CVSSv3
CVE-2022-46782
An issue exists in Stormshield SSL VPN Client prior to 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator on the local machine.
Stormshield Ssl Vpn Client
8.8
CVSSv3
CVE-2023-24492
A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an malicious user to remotely execute code if a victim user opens an attacker-crafted link and accepts further prompts.
Citrix Secure Access Client
7.8
CVSSv3
CVE-2023-20178
A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local malicious user to elevate privileges to those of SYSTEM. The client update ...
Cisco Secure Client
Cisco Anyconnect Secure Mobility Client
2 Github repositories
9.8
CVSSv3
CVE-2023-30328
An issue in the helper tool of Mailbutler GmbH Shimo VPN Client for macOS v5.0.4 allows malicious users to bypass authentication via PID re-use.
Mailbutler Shimo 5.0.4
8.5
CVSSv3
CVE-2022-3337
It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/#lock-warp-switch feature being enabled on Zero Trust Platform. ...
Cloudflare Warp Mobile Client
8.6
CVSSv3
CVE-2022-20933
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient...
Cisco Meraki Mx64 Firmware
Cisco Meraki Mx64w Firmware
Cisco Meraki Mx65 Firmware
Cisco Meraki Mx65w Firmware
Cisco Meraki Mx67 Firmware
Cisco Meraki Mx67cw Firmware
Cisco Meraki Mx67w Firmware
Cisco Meraki Mx68 Firmware
Cisco Meraki Mx68cw Firmware
Cisco Meraki Mx68w Firmware
Cisco Meraki Mx75 Firmware
Cisco Meraki Mx84 Firmware
Cisco Meraki Mx85 Firmware
Cisco Meraki Mx95 Firmware
Cisco Meraki Mx100 Firmware
Cisco Meraki Mx105 Firmware
Cisco Meraki Mx250 Firmware
Cisco Meraki Mx400 Firmware
Cisco Meraki Mx450 Firmware
Cisco Meraki Mx600 Firmware
Cisco Meraki Vmx Firmware
Cisco Meraki Z3c Firmware -
8.8
CVSSv3
CVE-2021-27406
An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the config command from any application running on the local host machine to force the back-end server into initializing a new open-VPN instance with arbitrary open-VPN configuration. This ...
Perfact Openvpn-client
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »