Vulnerabilities found in Check Point Remote and Mobile Access VPN-products

Check Point has identified vulnerabilities in Remote and Mobile Access VPN products, specifically those implemented using the IKEv1 key exchange protocol. Two vulnerabilities have been identified in Check Point Security Gateways and Remote Access VPN environments that utilize the outdated IKEv1...

Cisco Firepower Threat Defense (FTD) Software ESP Packet Processing DoS (cisco-sa-asaftd-esp-dos-uv7yD8P5)

According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Applian...

CVE-2026-20014

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, remote attacker with valid VPN user credentials to cause a DoS condition on an affected device that may also impact the availability of services to devices...

EUVD-2017-8703

Malware in sbrugna...

EUVD-2013-5384

Malware in sbrugna...

EUVD-2008-3801

Malware in sbrugna...

EUVD-2007-4405

Malware in sbrugna...

CVE-2020-12820

Under non-default configuration, a stack-based buffer overflow in FortiOS version 6.0.10 and below, version 5.6.12 and below may allow a remote attacker authenticated to the SSL VPN to crash the FortiClient NAC daemon fcnacd and potentially execute arbitrary code via requesting a large FortiClien...

CVE-2024-20481

A vulnerability in the Remote Access VPN RAVPN service of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS of the RAVPN service. This vulnerability is due to resource...

CVE-2024-20481

A vulnerability in the Remote Access VPN RAVPN service of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS of the RAVPN service. This vulnerability is due to resource...

CVE-2024-20481

A vulnerability in the Remote Access VPN RAVPN service of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS of the RAVPN service. This vulnerability is due to resource...

CVE-2024-20509

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service DoS condition for individual users of the AnyConnect VPN...

PT-2024-18671 · Cisco · Cisco Meraki Z Series Teleworker Gateway +2

Name of the Vulnerable Software and Affected Versions: Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices affected versions not specified Description: A vulnerability in the Cisco AnyConnect VPN server could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN...

Cisco Meraki Z和Cisco Meraki MX 资源管理错误漏洞

The Cisco Meraki Z and Cisco Meraki MX are both products of Cisco, Inc.The Cisco Meraki Z is an enterprise-class firewall, VPN gateway, and router.The Cisco Meraki MX is a multifunction security and SD-WAN enterprise appliance. A resource management error vulnerability exists in the Cisco Meraki ...

CVE-2022-20928

A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to...

CVE-2022-20928

A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to...

The vulnerability of the GlobalProtect Agent VPN application, related to authentication procedures that are insufficient, allows a hacker to forge a VPN session and gain access under the user’s identity.

The vulnerability of the corporate VPN application GlobalProtect Agent is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to forge a VPN session and gain access under the user’s identity...

September 17, 2018—KB4464218 (OS Build 17134.286)

September 17, 2018—KB4464218 OS Build 17134.286 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses a Microsoft Intune issue that occurs after installing any of the updates released...

CVE-2018-7572

Pulse Secure Client 9.0R1 and 5.3RX before 5.3R5, when configured to authenticate VPN users during Windows Logon, can allow attackers to bypass Windows authentication and execute commands on the system with the privileges of Pulse Secure Client. The attacker must interrupt the client's network...

Information disclosure

An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users to see each other's VPN authentication credentials due to...