17 matches found
CVE-2026-0268
Prisma Access Agent for Linux contains a local authentication bypass that enables a local attacker to route traffic outside the VPN tunnel. The issue is limited to Linux; Windows, macOS, iOS, Android, and ChromeOS variants are not affected. The CVE entry notes a local attack vector with low privi...
EUVD-2016-4900
Malware in sbrugna...
CVE-2024-11624
there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-23415
CVE-2025-23415 affects BIG-IP APM, specifically the endpoint inspection in the APM access policy, where a missing integrity check could allow bypassing endpoint inspection checks for VPN connections initiated via the BIG-IP APM browser network access VPN client (Windows, macOS, Linux). The issue ...
CVE-2024-11624
there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-11624
there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-48957
PureVPN Linux client 2.0.2-Productions fails to properly handle DNS queries, allowing them to bypass the VPN tunnel and be sent directly to the ISP or default DNS servers...
CVE-2024-34734
CVE-2024-34734 describes an Elevation of Privilege in Android related to FooterActionsViewModel.kt (onForegroundServiceButtonClicked): an insecure default value could allow disabling the active VPN from the lockscreen with local impact and no user interaction. The vulnerability is tracked in mult...
New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation
Researchers have detailed a Virtual Private Network VPN bypass technique dubbed TunnelVision that allows threat actors to snoop on victim's network traffic by just being on the same local network. The "decloaking" method has been assigned the CVE identifier CVE-2024-3661 CVSS score: 7.6. It impac...
Code injection
A permissive list of allowed inputs vulnerability CWE-183 in FortiGate version 7.2.3 and below, version 7.0.9 and below Policy-based NGFW Mode may allow an authenticated SSL-VPN user to bypass the policy via bookmarks in the web portal...
TikTok Global – Trump Demanded Full TikTok Ownership
By Uzair Amir How much do you know about the TikTok ban? Will, the United States take ownership rights? Can a VPN bypass the ban? Find out all about it here! This is a post from HackRead.com Read the original post: TikTok Global – Trump Demanded Full TikTok Ownership...
openSUSE Security Update : opera (openSUSE-2020-1172)
This update for opera fixes the following issues : - Update to version 70.0.3728.71 - DNA-86267 Make Recently closed tabs appearance consistent with Search for open tabs. - DNA-86988 Opera 70 translations - DNA-87530 Zen news leads not loading - DNA-87636 Fix displaying folder icon for closed...
Apple Unpatched VPN Bypass Bug Impacts iOS 13, Warn Researchers
An unpatched bug in the latest version of Apple’s iOS is blocking virtual private network VPN applications from cloaking some private data transmitted between a device and the servers they are requesting data from. While the bug remains unpatched, Apple is suggesting steps users can take to reduc...
NetworkManager: Information exposure in DNS resolver
An information exposure vulnerability has been found in NetworkManager when dnsmasq is used in DNS processing mode. An attacker in control of a DNS server could receive DNS queries even though a Virtual Private Network VPN was configured on the vulnerable machine...
CVE-2008-3815
Unspecified vulnerability in Cisco Adaptive Security Appliances ASA 5500 Series and PIX Security Appliances 7.0 before 7.083, 7.1 before 7.1278, 7.2 before 7.2416, 8.0 before 8.046, and 8.1 before 8.1113, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote...
CVE-2007-1309
Novell Access Management 3 SSLVPN Server allows remote authenticated users to bypass VPN restrictions by making policy.txt read-only, disconnecting, then manually modifying policy.txt...
CVE-2007-1309
CVE-2007-1309 - detailed findings : The vulnerability affects Novell Access Management 3 SSLVPN Server. It allows remote authenticated users to bypass VPN restrictions by manipulating policy.txt: first set policy.txt read-only to disconnect, then modify policy.txt to alter policies. The underlyin...