Lucene search
K

2382 matches found

OSV
OSV
added 2021/07/02 1:15 p.m.2 views

CVE-2021-3613

OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process OpenVPNConnect.exe...

7.8CVSS7.3AI score0.00568EPSS
Exploits0References1
NVD
NVD
added 2021/07/02 1:15 p.m.13 views

CVE-2021-3613

OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process OpenVPNConnect.exe...

7.8CVSS0.00568EPSS
Exploits0References1
NVD
NVD
added 2021/07/02 1:15 p.m.15 views

CVE-2021-3606

OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process openvpn.exe...

7.8CVSS0.00344EPSS
Exploits0References2
OSV
OSV
added 2021/07/02 1:15 p.m.11 views

CVE-2021-3606

OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process openvpn.exe...

7.8CVSS7.1AI score0.00344EPSS
Exploits0References2
Prion
Prion
added 2021/07/02 1:15 p.m.9 views

Default configuration

OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process openvpn.exe...

4.4CVSS7.6AI score0.00344EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/07/02 1:15 p.m.15 views

Default configuration

OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process OpenVPNConnect.exe...

4.4CVSS7.6AI score0.00568EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/07/02 1:15 p.m.3 views

CVE-2021-3606

OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process openvpn.exe...

7.8CVSS5.7AI score0.00344EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2021/07/02 1:15 p.m.3 views

CVE-2021-3613

OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process OpenVPNConnect.exe...

7.8CVSS5.7AI score0.00568EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/07/02 12:33 p.m.13 views

CVE-2021-3613

OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process OpenVPNConnect.exe...

7.8AI score0.00568EPSS
Exploits0References1
CVE
CVE
added 2021/07/02 12:33 p.m.2960 views

CVE-2021-3613

CVE-2021-3613 affects OpenVPN Connect for Windows (versions 3.2.0–3.3.0). A local user can load arbitrary dynamic loadable libraries via an OpenSSL configuration file, enabling arbitrary code execution with the same privileges as OpenVPNConnect.exe. Public sources confirm the affected range and i...

7.8CVSS7.6AI score0.00568EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/07/02 12:30 p.m.59 views

CVE-2021-3606

OpenVPN CVE-2021-3606 affects OpenVPN for Windows prior to 2.5.3. The vulnerability allows local users to load arbitrary dynamic libraries via an OpenSSL configuration file, enabling code execution with the same privileges as the OpenVPN process (openvpn.exe). Connected advisories confirm remedia...

7.8CVSS7.6AI score0.00344EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2021/07/02 12:30 p.m.15 views

CVE-2021-3606

OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process openvpn.exe...

7.8CVSS7.7AI score0.00344EPSS
Exploits0
Cvelist
Cvelist
added 2021/07/02 12:30 p.m.24 views

CVE-2021-3606

OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process openvpn.exe...

7.8AI score0.00344EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/02 12:0 a.m.3 views

OpenVPN代码问题漏洞

OpenVPN is a software package from the American company OpenVPN for creating encrypted tunnels for Virtual Private Networks VPNs, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using public keys, electronic certificates, or...

7.8CVSS6AI score0.00344EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/07/02 12:0 a.m.6 views

OpenVPN Connect代码问题漏洞

Openvpn OpenVPN Connect is a VPN Virtual Private Network client application from the American company OpenVPN Openvpn. A security vulnerability exists in OpenVPNConnect 3.2.0 through 3.3.0 that allows a local user to load arbitrary dynamically loadable libraries if present via an OpenSSL...

7.8CVSS5.8AI score0.00568EPSS
Exploits0References2
0day.today
0day.today
added 2021/06/30 12:0 a.m.151 views

Securepoint SSL VPN Client 2.0.30 Local Privilege Escalation Vulnerability

Securepoint SSL VPN Client version 2.0.30 suffers from a local privilege escalation vulnerability. Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30 Metadata =================================================== Release Date: 29-Jun-2021 Author: Florian Bogner @...

7.8CVSS7.9AI score0.00707EPSS
Exploits3
OSV
OSV
added 2021/06/29 5:31 p.m.6 views

MGASA-2021-0302 Updated openvpn packages fix a security vulnerability

OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks CVE-2020-15078...

7.5CVSS8.3AI score0.05107EPSS
Exploits0References4
Mageia
Mageia
added 2021/06/29 5:31 p.m.52 views

Updated openvpn packages fix a security vulnerability

OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks CVE-2020-15078...

7.5CVSS5.6AI score0.05107EPSS
Exploits0References3
NVD
NVD
added 2021/06/28 5:15 p.m.29 views

CVE-2021-35523

Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file tha...

7.8CVSS0.00707EPSS
Exploits3References4
Prion
Prion
added 2021/06/28 5:15 p.m.16 views

Design/Logic Flaw

Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file tha...

7.2CVSS7.6AI score0.00707EPSS
Exploits3References4Affected Software1
Rows per page
Query Builder