Advisory ROSA-SA-2025-2939

Software: openvpn 2.5.8 OS: ROSA-CHROME unaffected versions = openvpn-2.5.8-2 affected versions openvpn-2.5.8-2 CVE-ID: CVE-2024-4877 BDU-ID: 2025-03850 CVE-Crit: MEDIUM CVE-DESC.: An Interactive Service iservice vulnerability in the OpenVPN GUI client of the OpenVPN software is related to access...

The vulnerability of the ovpn-dco driver for Windows operating systems in the OpenVPN virtual private network creation software allows a hacker to induce a service failure.

The vulnerability of the ovpn-dco driver for Windows operating systems in the OpenVPN virtual private network creation software is related to pointer aliasing errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

PT-2024-5857 · Openvpn +7 · Openvpn +7

Name of the Vulnerable Software and Affected Versions: OpenVPN versions prior to 2.6.11 Description: The issue is related to the lack of proper sanitization of PUSH REPLY messages, which can be exploited by attackers to inject unexpected arbitrary data into third-party executables or plug-ins. Th...

The vulnerability of the OpenSSL library used in OpenVPN software allows a hacker to execute arbitrary code.

The vulnerability of the OpenSSL library used in OpenVPN software is related to errors in the path validation mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code...