2376 matches found
CVE-2025-2704
OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase...
PT-2025-14550
Name of the Vulnerable Software and Affected Versions OpenVPN versions 2.6.1 through 2.6.13 Description The issue allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase when OpenVPN is used in server mode with TLS-crypt-v2. ...
OpenVPN 代码问题漏洞
OpenVPN is a software package for creating encrypted tunnels for Virtual Private Networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using a public key, an electronic certificate, or a...
UBUNTU-CVE-2025-2704
OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase...
SUSE SLES12 Security Update : openvpn (SUSE-SU-2025:1053-2)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:1053-2 advisory. - CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147. Tenable has extracted the preceding description...
Security update for openvpn
This update for openvpn fixes the following issues: CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:1053-2 Security update for openvpn
This update for openvpn fixes the following issues: - CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147...
SUSE SLES12 Security Update : openvpn (SUSE-SU-2025:1053-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:1053-1 advisory. - CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147. Tenable has extracted the preceding description...
Security update for openvpn
This update for openvpn fixes the following issues: CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:1053-1 Security update for openvpn
This update for openvpn fixes the following issues: - CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147...
openvpn -- server-side denial-of-service vulnerability with tls-crypt-v2
Gert Doering reports: OpenVPN servers between 2.6.1 and 2.6.13 using --tls-crypt-v2 can be made to abort with an ASSERT message by sending a particular combination of authenticated and malformed packets. To trigger the bug, a valid tls-crypt-v2 client key is needed, or network observation of a...
OpenVPN Installed (Linux)
Binary data openvpnnixinstalled.nbin...
OpenVPN Installed (macOS)
Binary data openvpnmacosinstalled.nbin...
Ubuntu: Security Advisory (USN-7340-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-23384
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.2.1, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.2.1, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.2.1, SCALANCE M812-1 ADSL-Router family All versions V8.2.1, SCALANCE M816...
CVE-2025-23384
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.2.1, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.2.1, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.2.1, SCALANCE M812-1 ADSL-Router family All versions V8.2.1, SCALANCE M816...
CVE-2025-23384
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.2.1, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.2.1, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.2.1, SCALANCE M812-1 ADSL-Router family All versions V8.2.1, SCALANCE M816...
CVE-2025-23384
The CVE-2025-23384 entry concerns Siemens devices (RUGGEDCOM RM1224 LTE and multiple SCALANCE products) affected by improper validation of usernames during OpenVPN authentication. The issue can allow a remote attacker to have partial invalid usernames accepted by the VPN server, potentially aidin...
USN-7340-1: OpenVPN vulnerabilities
It was discovered that OpenVPN did not perform proper input validation when generating a TLS key under certain configuration, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu...
USN-7340-1 openvpn vulnerabilities
It was discovered that OpenVPN did not perform proper input validation when generating a TLS key under certain configuration, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu...