286 matches found
[SECURITY] Fedora 44 Update: ocserv-1.5.0-2.fc44
OpenConnect server ocserv is an SSL VPN server. Its purpose is to be a secure, small, fast and configurable VPN server. It implements the OpenConnect SSL VPN protocol, and has also currently experimental compatibility with clients using the AnyConnect SSL VPN protocol. The OpenConnect VPN protoco...
Astra Linux – Vulnerability in openconnect
OpenConnect 8.09 has a buffer overflow issue, which can lead to a denial of service application crash or potentially cause unspecified other problems, due to crafted certificate data being used in the getcertname function within gnutls.c...
Astra Linux – Vulnerability in openconnect
OpenConnect through version 8.08 mishandles negative return values from X509check function calls, which may assist attackers in performing man-in-the-middle attacks...
CVE-2022-31524
The PureStorage-OpenConnect/swagger repository through 1.1.5 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2019-16239
processhttpresponse in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes...
EUVD-2020-4421
Malware in sbrugna...
EUVD-2010-3880
Malware in sbrugna...
EUVD-2009-4971
Malware in sbrugna...
EUVD-2020-5106
Malware in sbrugna...
EUVD-2010-3879
Malware in sbrugna...
EUVD-2012-5995
Malware in sbrugna...
EUVD-2010-3881
Malware in sbrugna...
EUVD-2019-7046
Malware in sbrugna...
EUVD-2012-3269
Malware in sbrugna...
EUVD-2013-6884
Malware in sbrugna...
EUVD-2021-32527
Malicious code in bioql PyPI...
EUVD-2022-52980
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-12823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenConnect 8.09 has a buffer overflow, causing a denial of service application crash or possibly unspecified other impact, via crafted certificate data to...
Linux Distros Unpatched Vulnerability : CVE-2020-12105
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenConnect through 8.08 mishandles negative return values from X509check function calls, which might assist attackers in performing man-in-the-middle attacks...
CVE-2021-45809
GlobalProtect-openconnect versions prior to 1.4.3 are affected by incorrect access control in GPService through DBUS, GUI Application. The way GlobalProtect-Openconnect is set up enables arbitrary users to execute commands as root by submitting the --script=...