Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
CiscoAnyconnect Secure Mobility Client2.1

8 matches found

CVE
CVEadded 2012/06/20 8:55 p.m.140 views

CVE-2012-2494

The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by us...

4.3CVSS6.7AI score0.00198EPSS
CVE
CVEadded 2011/06/02 7:55 p.m.66 views

CVE-2011-2039

The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.185 on Windows, and on Windows Mobile, downloads a client executable file (vpndownloader.exe) without verifying its authenticity, which allows remote attackers to execute arbitrary code via...

7.6CVSS7.5AI score0.85343EPSS
CVE
CVEadded 2013/04/11 10:55 a.m.55 views

CVE-2013-1173

Heap-based buffer overflow in ciscod.exe in the Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14143.

6.6CVSS7.1AI score0.00085EPSS
CVE
CVEadded 2011/06/02 8:55 p.m.51 views

CVE-2011-2041

The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain privileges via unspecified user-interface interaction, aka Bug ID CSCta40556.

7.2CVSS6.6AI score0.00065EPSS
CVE
CVEadded 2011/06/02 7:55 p.m.48 views

CVE-2011-2040

The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.5.3041, and 3.0.x before 3.0.629, on Linux and Mac OS X downloads a client executable file (vpndownloader.exe) without verifying its authenticity, which allows remote attackers to execute arb...

9.3CVSS7.7AI score0.02091EPSS
CVE
CVEadded 2012/06/20 8:55 p.m.48 views

CVE-2012-2493

The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader process, which allows rem...

9.3CVSS7.6AI score0.01576EPSS
CVE
CVEadded 2013/04/11 10:55 a.m.40 views

CVE-2013-1172

The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14153.

6.6CVSS6.6AI score0.0008EPSS
CVE
CVEadded 2013/11/04 4:55 p.m.38 views

CVE-2013-5559

Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.

6.8CVSS7.7AI score0.01865EPSS