Lucene search
K

31 matches found

Positive Technologies
Positive Technologies
added 2022/08/15 12:0 a.m.7 views

PT-2022-24390 · Aviatrix · Aviatrix Gateway

Name of the Vulnerable Software and Affected Versions: Aviatrix Gateway versions prior to 6.6.5712 Aviatrix Gateway versions 6.7.x prior to 6.7.1376 Description: An issue was discovered in Aviatrix Gateway where Gateway API functions mishandle authentication. This allows an authenticated VPN user...

8.8CVSS8.5AI score0.00666EPSS
Exploits0References3
NVD
NVD
added 2021/09/24 3:15 a.m.17 views

CVE-2021-41583

vpn-user-portal aka eduVPN or Let's Connect! before 2.3.14, as packaged for Debian 10, Debian 11, and Fedora, allows remote authenticated users to obtain OS filesystem access, because of the interaction of QR codes with an exec that uses the -r option. This can be leveraged to obtain additional V...

9CVSS0.01816EPSS
Exploits0References2
Prion
Prion
added 2021/09/24 3:15 a.m.17 views

Code injection

vpn-user-portal aka eduVPN or Let's Connect! before 2.3.14, as packaged for Debian 10, Debian 11, and Fedora, allows remote authenticated users to obtain OS filesystem access, because of the interaction of QR codes with an exec that uses the -r option. This can be leveraged to obtain additional V...

9CVSS8.3AI score0.01816EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/09/24 2:22 a.m.48 views

CVE-2021-41583

vpn-user-portal (eduVPN/Let's Connect!) before 2.3.14, as packaged for Debian 10/11 and Fedora, allows remote authenticated users to obtain OS filesystem access due to the interaction of QR codes with an exec that uses the -r option. This can be leveraged to obtain additional VPN access. Affected...

9CVSS6.2AI score0.01816EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2021/09/24 12:0 a.m.5 views

PT-2021-4477 · Unknown · Vpn-User-Portal

Name of the Vulnerable Software and Affected Versions: vpn-user-portal versions prior to 2.3.14 Description: The issue arises from insufficient input validation in the vpn-user-portal software, allowing remote authenticated users to obtain OS filesystem access due to the interaction of QR codes...

9CVSS6.5AI score0.01816EPSS
Exploits0References9
CNNVD
CNNVD
added 2021/09/24 12:0 a.m.4 views

Commons Conservancy eduVPN 输入验证错误漏洞

Commons Conservancy eduVPN is a project of the Commons Conservancy Foundation for secure Internet access for R&E. Commons Conservancy eduVPN suffers from an input validation error vulnerability that stems from vpn-user-portal on Debian 10, Debian 11, and Fedora prior to version 2.3.14 Due to a QR...

9CVSS6.7AI score0.01816EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/07/07 12:0 a.m.6 views

PT-2020-6826 · Citrix · Citrix Adc +1

Name of the Vulnerable Software and Affected Versions: Citrix ADC and Citrix Gateway versions 13.0-58.30 and later releases before the CTX276688 update Description: The issue is related to insufficient protection of service data in the implementation of SSL VPN controller delivery in Citrix ADC a...

6.8CVSS6.8AI score0.00578EPSS
Exploits0References6
Cvelist
Cvelist
added 2020/06/16 8:14 p.m.24 views

CVE-2019-17655

A cleartext storage in a file or on disk CWE-313 vulnerability in FortiOS SSL VPN 6.2.0 through 6.2.2, 6.0.9 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an attacker to retrieve a logged-in SSL VPN user's credentials should that attacker be able to read the session file stored on...

5.3CVSS7.3AI score0.00994EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2018/09/20 12:0 a.m.4 views

September 20, 2018—KB4457141 (OS Build 15063.1358)

None None...

6.1AI score
Exploits0
seebug.org
seebug.org
added 2017/05/02 12:0 a.m.57 views

Heap Overflow Vulnerability in Citrix NetScaler Gateway (CVE-2017-7219)

After presenting my findings on the Swisscom router at the CybSecConference last year, I started looking for a new product to analyze. I quickly found that it’s possible to download virtual “demo” appliances of Citrix products, so I went on to download a Netscaler VPX, which at the time was at...

9CVSS9.7AI score0.04856EPSS
Exploits2
NVD
NVD
added 2005/12/31 5:0 a.m.18 views

CVE-2005-2762

Avaya VPNRemote before 4.2.33 stores credentials in cleartext in process memory, which allows attackers to obtain the VPN user's credentials...

2.1CVSS6.4AI score0.00335EPSS
Exploits0References1
Rows per page
Query Builder