Lucene search
K

99 matches found

CNVD
CNVD
added 2021/03/08 12:0 a.m.6 views

Secomea GateManager Cross-Site Request Forgery Vulnerability

GateManager is a VPN server from Secomea. A cross-site request forgery vulnerability exists in the web GUI of Secomea GateManager versions prior to 9.4. An attacker can exploit this vulnerability to execute malicious code...

8.8CVSS6.9AI score0.00519EPSS
Exploits0References1
CNVD
CNVD
added 2021/03/08 12:0 a.m.7 views

Secomea GateManager Cross-Site Scripting Vulnerability (CNVD-2021-15490)

GateManager is a VPN server from Secomea. A cross-site scripting vulnerability exists in the web GUI of Secomea GateManager versions prior to 9.4. An attacker can exploit this vulnerability to inject arbitrary javascript code...

6.3CVSS6.1AI score0.00651EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2021/01/15 3:8 p.m.39 views

How a VPN can protect your online privacy

Have you ever experienced the feeling of relief that comes when you do something silly, but youre glad you did it where people dont know you? Or maybe you wished you were somewhere like that, but alas… That is what a Virtual Private Network VPN can do for you: it can put you in a place where you...

Exploits0
ICS
ICS
added 2020/07/28 12:0 a.m.66 views

Secomea GateManager

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Secomea Equipment: GateManager Vulnerabilities: Improper Neutralization of Null Byte or NUL Character, Off-by-one Error, Use of Hard-coded Credentials, Use of Password Hash with Insufficient...

10CVSS10AI score0.02487EPSS
Exploits0References6
CVE
CVE
added 2019/07/29 4:28 p.m.51 views

CVE-2019-11868

CVE-2019-11868 affects SoftEther VPN Server with See.sys up to v4.25 (v4.29 or older). The issue allows a user to call an IOCTL that can specify any kernel address, enabling arbitrary bytes to be written to that address. This is described in multiple sources (NVD/Red Hat) as a local ability to wr...

7.8CVSS7.4AI score0.00354EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/05/02 7:29 a.m.3 views

CVE-2018-10646

CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "CG6Service" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "ConnectToVpnServer" method...

7.8CVSS6AI score0.00383EPSS
Exploits0References1
CERT
CERT
added 2018/02/01 12:0 a.m.523 views

Pulse Secure Linux client GUI fails to validate SSL certificates

Overview The Pulse Secure Linux client GUI fails to validate SSL certificates, which can allow an attacker to modify connection settings. Description Pulse Secure is an SSL VPN solution. The Linux Pulse Secure client GUI is implemented using WebKit, and the actions taken using the GUI are...

6.5CVSS6.2AI score0.00628EPSS
Exploits0References1
OSV
OSV
added 2017/10/26 5:29 a.m.6 views

CVE-2017-15882

The London Trust Media Private Internet Access PIA application before 1.3.3.1 for Android allows remote attackers to cause a denial of service application crash via a large VPN server-list file...

7.5CVSS5.8AI score0.01757EPSS
Exploits3References1
Prion
Prion
added 2017/10/26 5:29 a.m.22 views

Design/Logic Flaw

The London Trust Media Private Internet Access PIA application before 1.3.3.1 for Android allows remote attackers to cause a denial of service application crash via a large VPN server-list file...

5CVSS7.2AI score0.01757EPSS
Exploits3References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/04/20 12:0 a.m.9 views

VPN Server Detection via PPTP/L2TP

Binary data 7264.pasl...

7.3AI score
Exploits0
n0where
n0where
added 2017/02/16 6:48 a.m.23 views

Simple OpenVPN Raspberry Pi Installer: piVPN

Simple OpenVPN Raspberry Pi Installer This is a set of shell scripts that serve to easily turn your Raspberry Pi TM into a VPN server using the free, open-source OpenVPN software. The master branch of this script installs and configures OpenVPN on Raspbian Jessie and has been tested on Ubuntu 14....

7.3AI score
Exploits0References2
Hacker One
Hacker One
added 2016/12/30 3:18 p.m.21 views

Shopify: Authentication Bypass on monitoring server

Hello, This issue has the same impact as this one: 143482. But the fix is not complete, there is a shopify subdomain VPN server where you still can connect your google account. This should be hide and protected. So you guys need to change this so that only shopify.com Google accounts are accepted...

0.5AI score
Exploits0
n0where
n0where
added 2016/05/26 11:52 a.m.29 views

Usable Privacy Box: UpriBox

The upribox software is used to create Raspberry Pi images to turn your Raspberry Pi into a privacy-enhancing Wireless router. See the official Raspberry Pi documentation for pointers on how to install the upribox image on the SD card. Upon the first boot the SSH/VPN keys are automatically...

0.3AI score
Exploits0References1
Fedora
Fedora
added 2016/05/07 1:19 p.m.13 views

[SECURITY] Fedora 24 Update: NetworkManager-vpnc-1.2.0-1.fc24

This package contains software for integrating VPN capabilities with the vpnc server with NetworkManager...

3.1AI score
Exploits0
n0where
n0where
added 2016/02/22 6:9 p.m.14 views

Protecting Personal Information: Freedom Box

FreedomBox is a personal server that protects your privacy. It hosts on demand applications such as file sharing, shared calendaring, instant messaging, secure voice conference calling, blog and wiki. FreedomBox is a free software stack, a subset of the Debian universal operating system, that can...

0.7AI score
Exploits0
Metasploit
Metasploit
added 2013/05/12 2:27 p.m.62 views

Windows Manage Remote Point-to-Point Tunneling Protocol

This module initiates a PPTP connection to a remote machine VPN server. Once the tunnel is created we can use it to force the victim traffic to go through the server getting a man in the middle attack. Be sure to allow forwarding and masquerading on the VPN server mitm. This module requires...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/10/24 12:0 a.m.356 views

IPSEC Internet Key Exchange (IKE) Version 2 Detection

The remote host seems to be enabled to do Internet Key Exchange IKE. This is typically indicative of a VPN server. VPN servers are used to connect remote hosts into internal resources. Make sure that the use of this VPN endpoint is done in accordance with your corporate security policy. Note that...

5.5AI score
Exploits0
NVD
NVD
added 2010/10/14 5:52 a.m.9 views

CVE-2009-5008

Cisco Secure Desktop CSD, when used in conjunction with an AnyConnect SSL VPN server, does not properly perform verification, which allows local users to bypass intended policy restrictions via a modified executable file...

2.1CVSS6.2AI score0.00353EPSS
Exploits0References1
0day.today
0day.today
added 2010/09/25 12:0 a.m.68 views

Cisco WRV210 null pointer dereference

Exploit for windows platform in category dos / poc ===================================== Cisco WRV210 null pointer dereference ===================================== / 2010-09-24 by Paolo j5r9pn3lka yahoo dot com Product: Cisco WRV210 Wireless-G VPN Router - RangeBooster Type: denial of service...

7AI score0.03178EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2009/11/12 12:0 a.m.123 views

CISCO ASA SSL VPN Detection

The remote host is a Cisco Adaptive Security Appliance ASA running an SSL VPN server. C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid42796; scriptversion"1.11"; scriptsetattributeattribute:"pluginmodificationdate", value:"2020/09/22"; scriptxrefname:"IAVT",...

5.5AI score
Exploits0
Rows per page
Query Builder