Lucene search
K

2382 matches found

Vulnrichment
Vulnrichment
added 2022/02/16 6:35 p.m.41 views

CVE-2021-3773

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks...

6.3AI score0.05322EPSS
Exploits1References3
CVE
CVE
added 2022/02/16 6:35 p.m.656 views

CVE-2021-3773

CVE-2021-3773 is a netfilter information-disclosure vulnerability in the Linux kernel that could allow a network-connected attacker to infer the OpenVPN connection endpoint. The issue is described as an information leak through netfilter, enabling reconnaissance for further attacks. Exploitation ...

9.8CVSS8.9AI score0.05322EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/02/16 6:35 p.m.40 views

CVE-2021-3773

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks...

9.3AI score0.05322EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/02/15 12:0 a.m.4 views

PT-2022-2555 · Amazon · Amazon Aws Client Vpn

Name of the Vulnerable Software and Affected Versions: Amazon AWS VPN Client version 2.0.0 Description: An issue exists in the Amazon AWS VPN Client, allowing parameters outside of the allow list to be injected into the configuration file. This can lead to an arbitrary file write as SYSTEM with...

7CVSS9.3AI score0.00518EPSS
Exploits1References20
Positive Technologies
Positive Technologies
added 2022/02/15 12:0 a.m.3 views

PT-2022-2554 · Amazon · Amazon Aws Client Vpn

Name of the Vulnerable Software and Affected Versions: Amazon AWS VPN Client version 2.0.0 Description: The issue is related to the Amazon AWS VPN Client, where it is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters such as auth-user-pass...

7CVSS9.3AI score0.01416EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.20 views

Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU Plaintext Storage of a Password (CVE-2019-14929)

An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Stored cleartext passwords could allow an unauthenticated attacker to obtain configured username and password combinations on the RTU due to the weak credentials management on the RTU. ...

9.8CVSS8.3AI score0.01936EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.35 views

Mageia: Security Advisory (MGASA-2017-0224)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.04759EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.7 views

Mageia: Security Advisory (MGASA-2016-0200)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.9 views

Mageia: Security Advisory (MGASA-2014-0512)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.4AI score0.03478EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2021-0302)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.05107EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2017-0372)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.03629EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2017-0152)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.13892EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.13 views

Mageia: Security Advisory (MGASA-2018-0329)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.00608EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.8 views

Mageia: Security Advisory (MGASA-2016-0010)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.6 views

Mageia: Security Advisory (MGASA-2021-0344)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.30 views

Mageia: Security Advisory (MGASA-2016-0304)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.1AI score0.0594EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2020-0195)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS4.5AI score0.01609EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2022/01/24 12:0 a.m.61 views

GLSA-202105-25 : OpenVPN: Authentication bypass

The remote host is affected by the vulnerability described in GLSA-202105-25 OpenVPN: Authentication bypass It was discovered that OpenVPN incorrectly handled deferred authentication. Impact : A remote attacker could bypass authentication and access control channel data and trigger further...

7.5CVSS7.2AI score0.05107EPSS
Exploits0References2
Redos
Redos
added 2021/12/24 12:0 a.m.31 views

ROS-2-816

2.816 OpenVPN Authentication Bypass CVE-2020-15078 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass authentication and access restrictions to leak VPN configuration data. The issue only occurs on servers that are configured to use deferredauth. Under certain...

7.5CVSS7.3AI score0.05107EPSS
Exploits0
NVD
NVD
added 2021/12/09 4:15 p.m.20 views

CVE-2021-20145

Gryphon Tower routers contain an unprotected openvpn configuration file which can grant attackers access to the Gryphon homebound VPN network which exposes the LAN interfaces of other users' devices connected to the same service. An attacker could leverage this to make configuration changes to, o...

7.5CVSS0.01242EPSS
Exploits1References1
Rows per page
Query Builder