2376 matches found
Siemens RUGGEDCOM和Siemens SCALANCE 缓冲区错误漏洞
Siemens RUGGEDCOM and Siemens SCALANCE are both products of Siemens, Germany.Siemens RUGGEDCOM is a communications device. Siemens RUGGEDCOM is a communications device that provides fast and reliable communications for the power, transportation, oil and gas, and other industries.Siemens SCALANCE ...
OpenVPN Access Server Detected
This is an informational notice that the scanner was able to detect an OpenVPN Access Server on the target server. Note that this detection is included in the Remote Access Tools category. No source data...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : OpenVPN vulnerabilities (USN-7340-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7340-1 advisory. It was discovered that OpenVPN did not perform proper input validation when generating a TLS key under certain configuration, whi...
Siemens SCALANCE M-800 and SC-600 Families
SUMMARY SCALANCE M-800 and SC-600 families are affected by improper input validation in the OpenVPN authentication. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific...
Debian: Security Advisory (DLA-4079-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-4079 : openvpn - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4079 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4079-2 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 4079-1] openvpn security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4079-1 [email protected] https://www.debian.org/lts/security/ Aquila Macedo March 08, 2025 https://wiki.debian.org/LTS -...
DLA-4079-1 openvpn - security update
Bulletin has no description...
Linux Distros Unpatched Vulnerability : CVE-2024-5594
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenVPN before 2.6.11 does not santize PUSHREPLY messages properly which attackers can use to inject unexpected arbitrary data into third-party executables or...
Linux Distros Unpatched Vulnerability : CVE-2022-0547
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred...
The vulnerability of the openvpn_server_setup() function in the openvpn.cgi scenario of the Wavlink AC3000 (WL-WN533A8) router microprogramming software allows a hacker to circumvent existing security restrictions.
The vulnerability of the openvpnserversetup function in the openvpn.cgi script of the Wavlink AC3000 WL-WN533A8 router software is related to errors in system configuration or settings. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by sending...
The vulnerability of the openvpn_server_setup() function in the openvpn.cgi scenario of the Wavlink AC3000 (WL-WN533A8) router microprogramming software allows a hacker to circumvent existing security restrictions.
The vulnerability of the openvpnserversetup function in the openvpn.cgi script of the Wavlink AC3000 WL-WN533A8 router software is related to errors in system configuration or settings. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by sending...
The vulnerability of the openvpn_server_setup() function in the openvpn.cgi scenario of the Wavlink AC3000 (WL-WN533A8) router microprogramming software allows a hacker to circumvent existing security restrictions.
The vulnerability of the openvpnserversetup function in the openvpn.cgi script of the Wavlink AC3000 WL-WN533A8 router software is related to errors in system configuration or settings. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by sending...
Linux Distros Unpatched Vulnerability : CVE-2024-28820
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the extractopenvpncr function in openvpn-cr.c in openvpn-auth-ldap aka the Three Rings Auth-LDAP plugin for OpenVPN 2.0.4 allows attackers wi...
GHSA-PQ76-QJGJ-QV82 vulnerabilities
Vulnerabilities for packages: openvpn...
GHSA-PQ76-QJGJ-QV82 vulnerabilities
Vulnerabilities for packages: openvpn...
FreeBSD : security/openvpn-auth-ldap -- Fix buffer overflow in challenge/response (e915b60e-ea25-11ef-a1c0-0050569f0b83)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e915b60e-ea25-11ef-a1c0-0050569f0b83 advisory. Graham Northup reports: A buffer overflow in extractopenvpncr allows attackers with a valid LDAP userna...
Astra Linux – Vulnerability in OpenVPN
Before version 2.6.11, OpenVPN did not properly sanitize PUSHREPLY messages. This vulnerability could be exploited by attackers who control the server, allowing them to inject unexpected arbitrary data into client logs...
CVE-2024-0401
ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U,...
openSUSE Security Advisory (SUSE-SU-2025:0278-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...