CVE-2023-46849

Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service...

OpenVPN Security Vulnerabilities

OpenVPN is a software package for creating encrypted tunnels for Virtual Private Networks VPNs from the US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information and allows the created VPN to be authenticated using a public key, an electronic certificate, or a...

OpenVPN Security Vulnerabilities

OpenVPN is a software package for creating encrypted tunnels for Virtual Private Networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using a public key, an electronic certificate, or a...

PT-2023-8906 · Openvpn +3 · Openvpn +3

Name of the Vulnerable Software and Affected Versions: OpenVPN versions 2.6.0 through 2.6.6 Description: The issue is related to the use of the --fragment option in certain configuration setups, which can cause a divide by zero behavior. This could lead to an application crash, resulting in a...

PT-2023-8897 · Openvpn +3 · Openvpn +3

Name of the Vulnerable Software and Affected Versions: OpenVPN versions 2.6.0 through 2.6.6 Description: The issue is related to a use after free condition in OpenVPN, which may lead to undefined behavior, leaking memory buffers, or remote execution when sending network buffers to a remote peer...

F5 Networks BIG-IP : TMM vulnerability (K04730051)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.0.0.5 / 14.1.0.6. It is, therefore, affected by a vulnerability as referenced in the K04730051 advisory. - On BIG-IP PEM 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, under certain conditions, the TMM process may terminate and...

CVE-2023-47101

The installer aka openvpn-client-installer in Securepoint SSL VPN Client before 2.0.40 allows local privilege escalation during installation or repair...

CVE-2023-47101

The installer aka openvpn-client-installer in Securepoint SSL VPN Client before 2.0.40 allows local privilege escalation during installation or repair...

The vulnerability of the OpenVPN Connect software is related to errors in the authentication process, which allows a hacker to carry out a man-in-the-middle attack.

The vulnerability of the OpenVPN Connect software is related to errors in the authentication process. Exploiting this vulnerability allows a remote attacker to carry out a man-in-the-middle attack...

CVE-2022-3761

OpenVPN Connect versions before 3.4.0.4506 macOS and OpenVPN Connect before 3.4.0.3100 Windows allows man-in-the-middle attackers to intercept configuration profile download requests which contains the users credentials...

CVE-2022-3761

OpenVPN Connect versions before 3.4.0.4506 macOS and OpenVPN Connect before 3.4.0.3100 Windows allows man-in-the-middle attackers to intercept configuration profile download requests which contains the users credentials...

Design/Logic Flaw

OpenVPN Connect versions before 3.4.0.4506 macOS and OpenVPN Connect before 3.4.0.3100 Windows allows man-in-the-middle attackers to intercept configuration profile download requests which contains the users credentials...

CVE-2022-3761

OpenVPN Connect versions before 3.4.0.4506 macOS and OpenVPN Connect before 3.4.0.3100 Windows allows man-in-the-middle attackers to intercept configuration profile download requests which contains the users credentials...

CVE-2022-3761

OpenVPN Connect on macOS and Windows is affected by CVE-2022-3761 due to errors in the certificate authentication procedure, allowing a man-in-the-middle attacker to intercept requests for downloading configuration profiles that contain user credentials. Affected versions include macOS before 3.4...

OpenVPN Connect Trust Management Issues Vulnerabilities

OpenVPN Connect is a VPN Virtual Private Network client application from US-based OpenVPN. A security vulnerability exists in OpenVPN Connect prior to 3.4.0.4506 macOS, OpenVPN Connect prior to 3.4.0.3100 Windows, which originates from a vulnerability that could allow a man-in-the-middle attacker...

PT-2023-6378 · Openvpn · Openvpn Connect

Name of the Vulnerable Software and Affected Versions: OpenVPN Connect versions before 3.4.0.4506 macOS OpenVPN Connect versions before 3.4.0.3100 Windows Description: The issue is related to errors in the certificate authentication procedure, allowing a remote attacker to perform a...

CVE-2023-41349

ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...

CVE-2023-41349 ASUS RT-AX88U - externally-controlled format string

ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...

CVE-2023-41349 ASUS RT-AX88U - externally-controlled format string

ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...

CVE-2023-41349

CVE-2023-41349 affects ASUS RT-AX88U routers and involves an externally controllable format string vulnerability in the Advanced OpenVPN function. An authenticated remote attacker can exploit an exported OpenVPN configuration to trigger a format string attack, leading to sensitive information lea...