99 matches found
CVE-2025-6543 Memory overflow vulnerability leading to unintended control flow and Denial of Service
Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy OR AAA virtual server...
The vulnerability of the formSetPPTPServerCfg function in the Tenda AC10 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formSetPPTPServer /goform/SetPptpServerCfg function in the Tenda AC10 router software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibili...
PT-2025-26241 · Ubiquiti · Unifi Network Application
Name of the Vulnerable Software and Affected Versions: UniFi Network versions 9.1.120 and earlier Description: A misconfigured query in UniFi Network could allow users to authenticate to Enterprise WiFi or VPN Server l2tp and OpenVPN using a device’s MAC address from 802.1X or MAC Authentication,...
CVE-2023-28182
The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A user in a privileged network position may be able to spoof a VPN server that is configured with...
CVE-2022-0910
A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, and VPN series firmware...
The vulnerability of the TLS-crypt-v2 function on the software-based OpenVPN server allows a hacker to induce a service failure.
The vulnerability of the TLS-crypt-v2 function in the OpenVPN software server is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
Moderate: Red Hat Security Advisory: Bug fix of NetworkManager
Bug fix of NetworkManager Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored in routing table that is specified by ipv4.route-table JIRA:RHEL-73051 VPN connections do not support ipv4.routing-rules...
The vulnerability of the VPN server in corporate networks of Ivanti Secure Access Client (formerly Pulse Secure Desktop Client) – related to copying buffers without checking the size of the input data – allows a hacker to trigger a service failure.
The vulnerability of the VPN server in corporate networks of Ivanti Secure Access Client formerly Pulse Secure Desktop Client relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2024-20502
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to insufficient resource management while establishi...
CVE-2024-20498
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficie...
CVE-2024-20498
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficie...
CVE-2024-20501
CVE-2024-20501 describes multiple denial-of-service vulnerabilities in the Cisco AnyConnect VPN server used by Cisco Meraki MX and Z Series Teleworker Gateway. The root cause is insufficient validation of client-supplied parameters during SSL VPN session establishment, allowing an unauthenticated...
CVE-2024-20498 Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficie...
CVE-2024-20498
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficie...
PT-2024-18672 · Cisco · Cisco Meraki Z Series Teleworker Gateway +2
Name of the Vulnerable Software and Affected Versions: Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices affected versions not specified Description: A vulnerability in the Cisco AnyConnect VPN server could allow an unauthenticated, remote attacker to cause a DoS condition for...
The vulnerability of the VPN server for microprogramming router Totolink X2000R, which allows attackers to perform cross-site scripting attacks
The vulnerability of the VPN server for microprogramming routers Totolink X2000R relates to the lack of measures taken to protect the website structure during the processing of the “Comment” input field. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attack...
Tenda AC10 安全漏洞
Tenda AC10U is a wireless router from Tenda China. A buffer overflow vulnerability exists in the Tenda AC10U formSetPPTPServer function, which originates from the startIp parameter of the formSetPPTPServer function failing to properly validate the length of the input data, which can be exploited ...
The vulnerability of the VPN server of the Ivanti Secure Access Client (ISAC) for corporate networks (formerly known as Pulse Secure Desktop Client) on Windows operating systems arises from the use of insecure configurations. This vulnerability allows attackers to gain unauthorized access to protected information, increase their privileges, or cause service interruptions.
The vulnerability of the VPN server of Ivanti Secure Access Client formerly Pulse Secure Desktop Client for Windows operating systems is related to the use of insecure configurations. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information, increase...
CVE-2023-23581
A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service...
Denial of service
A denial-of-service vulnerability exists in the vpnserver ConnectionAccept functionality of SoftEther VPN 5.02. A set of specially crafted network connections can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability...