2382 matches found
CVE-2021-3613
OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process OpenVPNConnect.exe...
CVE-2021-3613
OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process OpenVPNConnect.exe...
CVE-2021-3606
OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process openvpn.exe...
CVE-2021-3606
OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process openvpn.exe...
Default configuration
OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process openvpn.exe...
Default configuration
OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process OpenVPNConnect.exe...
CVE-2021-3606
OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process openvpn.exe...
CVE-2021-3613
OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process OpenVPNConnect.exe...
CVE-2021-3613
OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process OpenVPNConnect.exe...
CVE-2021-3613
CVE-2021-3613 affects OpenVPN Connect for Windows (versions 3.2.0–3.3.0). A local user can load arbitrary dynamic loadable libraries via an OpenSSL configuration file, enabling arbitrary code execution with the same privileges as OpenVPNConnect.exe. Public sources confirm the affected range and i...
CVE-2021-3606
OpenVPN CVE-2021-3606 affects OpenVPN for Windows prior to 2.5.3. The vulnerability allows local users to load arbitrary dynamic libraries via an OpenSSL configuration file, enabling code execution with the same privileges as the OpenVPN process (openvpn.exe). Connected advisories confirm remedia...
CVE-2021-3606
OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process openvpn.exe...
CVE-2021-3606
OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process openvpn.exe...
OpenVPN代码问题漏洞
OpenVPN is a software package from the American company OpenVPN for creating encrypted tunnels for Virtual Private Networks VPNs, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using public keys, electronic certificates, or...
OpenVPN Connect代码问题漏洞
Openvpn OpenVPN Connect is a VPN Virtual Private Network client application from the American company OpenVPN Openvpn. A security vulnerability exists in OpenVPNConnect 3.2.0 through 3.3.0 that allows a local user to load arbitrary dynamically loadable libraries if present via an OpenSSL...
Securepoint SSL VPN Client 2.0.30 Local Privilege Escalation Vulnerability
Securepoint SSL VPN Client version 2.0.30 suffers from a local privilege escalation vulnerability. Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30 Metadata =================================================== Release Date: 29-Jun-2021 Author: Florian Bogner @...
MGASA-2021-0302 Updated openvpn packages fix a security vulnerability
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks CVE-2020-15078...
Updated openvpn packages fix a security vulnerability
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks CVE-2020-15078...
CVE-2021-35523
Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file tha...
Design/Logic Flaw
Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file tha...