Show filters
31 Total Results
Displaying 1-10 of 31
Sort by:
Attacker Value
Unknown
CVE-2024-4944
Disclosure Date: July 09, 2024 (last updated August 23, 2024)
A local privilege escalation vlnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileged.
0
Attacker Value
Unknown
CVE-2024-3661
Disclosure Date: May 06, 2024 (last updated January 16, 2025)
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.
0
Attacker Value
Unknown
CVE-2023-5593
Disclosure Date: November 20, 2023 (last updated January 04, 2025)
The out-of-bounds write vulnerability in the Windows-based SecuExtender SSL VPN Client software version 4.0.4.0 could allow an authenticated local user to gain a privilege escalation by sending a crafted CREATE message.
0
Attacker Value
Unknown
CVE-2023-5748
Disclosure Date: November 07, 2023 (last updated November 15, 2023)
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors.
0
Attacker Value
Unknown
CVE-2022-46783
Disclosure Date: August 28, 2023 (last updated October 08, 2023)
An issue was discovered in Stormshield SSL VPN Client before 3.2.0. If multiple address books are used, an attacker may be able to access the other encrypted address book.
0
Attacker Value
Unknown
CVE-2021-27932
Disclosure Date: August 25, 2023 (last updated October 08, 2023)
Stormshield Network Security (SNS) VPN SSL Client 2.1.0 through 2.8.0 has Insecure Permissions.
0
Attacker Value
Unknown
CVE-2022-46782
Disclosure Date: August 05, 2023 (last updated October 08, 2023)
An issue was discovered in Stormshield SSL VPN Client before 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator on the local machine.
0
Attacker Value
Unknown
CVE-2022-35416
Disclosure Date: July 11, 2022 (last updated October 07, 2023)
H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS.
0
Attacker Value
Unknown
CVE-2021-36809
Disclosure Date: March 08, 2022 (last updated October 07, 2023)
A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client.
0
Attacker Value
Unknown
CVE-2018-13283
Disclosure Date: April 01, 2019 (last updated November 27, 2024)
Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client before 1.2.5-0226 allows remote attackers to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.
0