Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vpn client vulnerabilities and exploits
(subscribe to this query)
6
CVSSv3
CVE-2021-36809
A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client.
Sophos Ssl Vpn Client -
NA
CVE-2008-0324
Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.
Cisco Vpn Client 5.0.2.0090
1 EDB exploit
NA
CVE-2009-2918
The tgbvpn.sys driver in TheGreenBow IPSec VPN Client 4.61.003 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted request to the 0x80000034 IOCTL, probably involving an input or output buffer size of 0.
Thegreenbow Thegreenbow Vpn Client 4.61.003
1 EDB exploit
7
CVSSv3
CVE-2022-25165
An issue exists in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the validation of VPN configuration files. This allows parameters outside of the AWS VPN Client allow list to be injected into the configuration file prior to the AWS VPN Client service (running...
Amazon Aws Client Vpn 2.0.0
4 Github repositories
5
CVSSv3
CVE-2022-25166
An issue exists in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters (such as auth-user-pass). When this file is imported and the client attempts to validate the file path, it performs an...
Amazon Aws Client Vpn 2.0.0
7.5
CVSSv3
CVE-2020-15590
A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 up to and including 2.3+ allows remote malicious users to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a &ld...
Privateinternetaccess Private Internet Access Vpn Client
5.3
CVSSv3
CVE-2020-13413
An issue exists in Aviatrix Controller prior to 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force.
Aviatrix Controller
Aviatrix Vpn Client 2.8.2
NA
CVE-2002-0853
Cisco Virtual Private Network (VPN) Client 3.5.4 and previous versions allows remote malicious users to cause a denial of service (CPU consumption) via a packet with a zero-length payload.
Cisco Vpn Client 3.5.1
Cisco Vpn Client 3.5.2
NA
CVE-2002-0852
Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and previous versions allows remote malicious users to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large numb...
Cisco Vpn Client 3.5.1
Cisco Vpn Client 3.5.2
NA
CVE-2007-3157
IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote malicious users to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support fo...
Safenet Safenet Highassurance Remote 1.4.0 Build 12
Safenet Softremote Vpn Client 1.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »