Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vpn client vulnerabilities and exploits
(subscribe to this query)
8.6
CVSSv3
CVE-2020-3436
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to upload arbitrary-sized files to specific folders on an affected device, which could ...
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance
Cisco Firepower Threat Defense 6.6.0
Cisco Adaptive Security Appliance Software
3.7
CVSSv3
CVE-2020-5893
In versions 7.1.5-7.1.8, when a user connects to a VPN using BIG-IP Edge Client over an unsecure network, BIG-IP Edge Client responds to authentication requests over HTTP while sending probes for captive portal detection.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
7.1
CVSSv3
CVE-2022-20737
A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote malicious user to cause a denial of service (DoS) condition on an affected ...
Cisco Adaptive Security Appliance Software
5.5
CVSSv3
CVE-2021-1519
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local malicious user to overwrite VPN profiles on an affected device. The vulnerability is due to insufficient validation of user-supp...
Cisco Anyconnect Secure Mobility Client
8.6
CVSSv3
CVE-2022-20933
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient...
Cisco Meraki Mx64 Firmware
Cisco Meraki Mx64w Firmware
Cisco Meraki Mx65 Firmware
Cisco Meraki Mx65w Firmware
Cisco Meraki Mx67 Firmware
Cisco Meraki Mx67cw Firmware
Cisco Meraki Mx67w Firmware
Cisco Meraki Mx68 Firmware
Cisco Meraki Mx68cw Firmware
Cisco Meraki Mx68w Firmware
Cisco Meraki Mx75 Firmware
Cisco Meraki Mx84 Firmware
Cisco Meraki Mx85 Firmware
Cisco Meraki Mx95 Firmware
Cisco Meraki Mx100 Firmware
Cisco Meraki Mx105 Firmware
Cisco Meraki Mx250 Firmware
Cisco Meraki Mx400 Firmware
Cisco Meraki Mx450 Firmware
Cisco Meraki Mx600 Firmware
Cisco Meraki Vmx Firmware
Cisco Meraki Z3c Firmware -
NA
CVE-2012-2493
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x prior to 2.5 MR6 on Windows, and 2.x prior to 2.5 MR6 and 3.x prior to 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader ...
Cisco Anyconnect Secure Mobility Client 2.2.136
Cisco Anyconnect Secure Mobility Client 2.3
Cisco Anyconnect Secure Mobility Client 2.4.0202
Cisco Anyconnect Secure Mobility Client 2.5
Cisco Anyconnect Secure Mobility Client 2.3.185
Cisco Anyconnect Secure Mobility Client 2.3.2016
Cisco Anyconnect Secure Mobility Client 2.3.254
Cisco Anyconnect Secure Mobility Client 2.4
Cisco Anyconnect Secure Mobility Client 2.0
Cisco Anyconnect Secure Mobility Client 2.1
Cisco Anyconnect Secure Mobility Client 2.2
Cisco Anyconnect Secure Mobility Client 2.2.128
Cisco Anyconnect Secure Mobility Client 2.2.133
Cisco Anyconnect Secure Mobility Client 2.2.140
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 3.0
5.9
CVSSv3
CVE-2015-6358
Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote malicious users to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and k...
Cisco Rv320 Firmware
Cisco Rv325 Firmware
Cisco Rvs4000 Firmware
Cisco Wrv210 Firmware
Cisco Wap4410n Firmware
Cisco Wrv200 Firmware 1.0.39
Cisco Wrvs4400n Firmware
Cisco Wap200 Firmware
Cisco Wvc2300 Firmware
Cisco Pvc2300 Firmware
Cisco Srw224p Firmware
Cisco Wet200 Firmware
Cisco Wap2000 Firmware
Cisco Wap4400n Firmware
Cisco Rv120w Firmware
Cisco Rv180 Firmware
Cisco Rv180w Firmware
Cisco Rv315w Firmware
Cisco Srp520 Firmware
Cisco Srp520-u Firmware
Cisco Wrp500 Firmware
Cisco Spa400 Firmware
NA
CVE-2012-2495
The HostScan downloader implementation in Cisco AnyConnect Secure Mobility Client 3.x prior to 3.0 MR8 and Cisco Secure Desktop prior to 3.6.6020 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote malicious users to forc...
Cisco Anyconnect Secure Mobility Client 3.0
Cisco Secure Desktop 3.1.1.33
Cisco Secure Desktop 3.4
Cisco Secure Desktop 3.3
Cisco Secure Desktop 3.5.2001
Cisco Secure Desktop 3.2.1
Cisco Secure Desktop 3.2
Cisco Secure Desktop 3.1
Cisco Secure Desktop 3.5.841
Cisco Secure Desktop 3.4.2
Cisco Secure Desktop 3.4.1
Cisco Secure Desktop 3.4.2048
Cisco Secure Desktop 3.1.1.45
Cisco Secure Desktop 3.1.1.27
Cisco Secure Desktop 3.1.1
Cisco Secure Desktop 3.5
Cisco Secure Desktop 3.5.1077
Cisco Secure Desktop
6.1
CVSSv3
CVE-2020-3580
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to conduct cross-site scripting (XSS) attacks against a user of the w...
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance Software
4 Github repositories
6.1
CVSSv3
CVE-2020-3581
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to conduct cross-site scripting (XSS) attacks against a user of the w...
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance Software
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »