Search CVE reports

1 – 10 of 15 results

Detailed view

Sort by:

CVE-2024-3661

High priority

Vulnerable

DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An...

29 affected packages

connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
connman	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
gadmin-openvpn-client	Not in release	Not in release	Vulnerable	Vulnerable	Vulnerable
gadmin-openvpn-server	Not in release	Not in release	Vulnerable	Vulnerable	Vulnerable
golang-github-apparentlymart-go-openvpn-mgmt	Vulnerable	Vulnerable	Vulnerable	—	—
kvpnc	Not in release	Not in release	Not in release	Vulnerable	Vulnerable
libreswan	Vulnerable	Vulnerable	Vulnerable	Vulnerable	—
mozillavpn	Not in release	Vulnerable	Not in release	—	—
n2n	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
network-manager-fortisslvpn	Vulnerable	Vulnerable	Vulnerable	Vulnerable	—
network-manager-iodine	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
network-manager-l2tp	Vulnerable	Vulnerable	Vulnerable	Vulnerable	—
network-manager-openconnect	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
network-manager-openvpn	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
network-manager-pptp	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
network-manager-sstp	Vulnerable	Vulnerable	Not in release	—	—
network-manager-strongswan	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
network-manager-vpnc	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
openconnect	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
openfortivpn	Vulnerable	Vulnerable	Vulnerable	Vulnerable	—
openvpn	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
pptp-linux	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
pptpd	Not in release	Vulnerable	Vulnerable	Vulnerable	Vulnerable
quicktun	Vulnerable	Vulnerable	Vulnerable	Vulnerable	—
riseup-vpn	Vulnerable	Not in release	Not in release	—	—
softether-vpn	Vulnerable	Vulnerable	Not in release	—	—
sshuttle	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
tinc	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
vpnc	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
wireguard	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2023-36673

Medium priority

Vulnerable

An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel,...

31 affected packages

connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
connman	Not affected	Not affected	Not affected	Not affected	Not affected
gadmin-openvpn-client	Not in release	Not in release	Not affected	Not affected	Not affected
gadmin-openvpn-server	Not in release	Not in release	Not affected	Not affected	Not affected
golang-github-apparentlymart-go-openvpn-mgmt	Not affected	Not affected	Not affected	Not in release	Not in release
kvpnc	Not in release	Not in release	Not in release	Not affected	Not affected
l2tp-ipsec-vpn	Not in release	Not in release	Not in release	Not in release	Not in release
l2tp-ipsec-vpn-daemon	Not in release	Not in release	Not in release	Not in release	Not in release
libreswan	Not affected	Not affected	Not affected	Not affected	Not in release
mozillavpn	Not in release	Not affected	Not in release	Not in release	Not in release
n2n	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-fortisslvpn	Not affected	Not affected	Not affected	Not affected	Not in release
network-manager-iodine	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-l2tp	Not affected	Not affected	Not affected	Not affected	Not in release
network-manager-openconnect	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-openvpn	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-pptp	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-sstp	Not affected	Not affected	Not in release	Not in release	Not in release
network-manager-strongswan	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-vpnc	Not affected	Not affected	Not affected	Not affected	Not affected
openconnect	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
openfortivpn	Not affected	Not affected	Not affected	Not affected	Not in release
openvpn	Not affected	Not affected	Not affected	Not affected	Not affected
pptp-linux	Not affected	Not affected	Not affected	Not affected	Not affected
quicktun	Not affected	Not affected	Not affected	Not affected	Not in release
riseup-vpn	Not affected	Not in release	Not in release	Not in release	Not in release
softether-vpn	Vulnerable	Vulnerable	Not in release	Not in release	Not in release
sshuttle	Not affected	Not affected	Not affected	Not affected	Not affected
tinc	Not affected	Not affected	Not affected	Not affected	Not affected
vpnc	Not affected	Not affected	Not affected	Not affected	Not affected
wireguard	Not affected	Not affected	Not affected	Not affected	Not affected
zentyal-openvpn	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2023-36672

Medium priority

Vulnerable

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if...

31 affected packages

connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
connman	Not affected	Not affected	Not affected	Not affected	Not affected
gadmin-openvpn-client	Not in release	Not in release	Not affected	Not affected	Not affected
gadmin-openvpn-server	Not in release	Not in release	Not affected	Not affected	Not affected
golang-github-apparentlymart-go-openvpn-mgmt	Not affected	Not affected	Not affected	Not in release	Not in release
kvpnc	Not in release	Not in release	Not in release	Not affected	Not affected
l2tp-ipsec-vpn	Not in release	Not in release	Not in release	Not in release	Not in release
l2tp-ipsec-vpn-daemon	Not in release	Not in release	Not in release	Not in release	Not in release
libreswan	Not affected	Not affected	Not affected	Not affected	Not in release
mozillavpn	Not in release	Not affected	Not in release	Not in release	Not in release
n2n	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-fortisslvpn	Not affected	Not affected	Not affected	Not affected	Not in release
network-manager-iodine	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-l2tp	Not affected	Not affected	Not affected	Not affected	Not in release
network-manager-openconnect	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-openvpn	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-pptp	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-sstp	Not affected	Not affected	Not in release	Not in release	Not in release
network-manager-strongswan	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-vpnc	Not affected	Not affected	Not affected	Not affected	Not affected
openconnect	Not affected	Not affected	Not affected	Vulnerable	Vulnerable
openfortivpn	Not affected	Not affected	Not affected	Not affected	Not in release
openvpn	Not affected	Not affected	Not affected	Not affected	Not affected
pptp-linux	Not affected	Not affected	Not affected	Not affected	Not affected
quicktun	Not affected	Not affected	Not affected	Not affected	Not in release
riseup-vpn	Not affected	Not in release	Not in release	Not in release	Not in release
softether-vpn	Vulnerable	Vulnerable	Not in release	Not in release	Not in release
sshuttle	Not affected	Not affected	Not affected	Not affected	Not affected
tinc	Not affected	Not affected	Not affected	Not affected	Not affected
vpnc	Not affected	Not affected	Not affected	Not affected	Not affected
wireguard	Ignored	Ignored	Ignored	Ignored	Ignored
zentyal-openvpn	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2023-36671

Medium priority

Vulnerable

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN...

31 affected packages

connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
connman	Not affected	Not affected	Not affected	Not affected	Not affected
gadmin-openvpn-client	Not in release	Not in release	Not affected	Not affected	Not affected
gadmin-openvpn-server	Not in release	Not in release	Not affected	Not affected	Not affected
golang-github-apparentlymart-go-openvpn-mgmt	Not affected	Not affected	Not affected	Not in release	Not in release
kvpnc	Not in release	Not in release	Not in release	Not affected	Not affected
l2tp-ipsec-vpn	Not in release	Not in release	Not in release	Not in release	Not in release
l2tp-ipsec-vpn-daemon	Not in release	Not in release	Not in release	Not in release	Not in release
libreswan	Not affected	Not affected	Not affected	Not affected	Not in release
mozillavpn	Not in release	Not affected	Not in release	Not in release	Not in release
n2n	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-fortisslvpn	Not affected	Not affected	Not affected	Not affected	Not in release
network-manager-iodine	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-l2tp	Not affected	Not affected	Not affected	Not affected	Not in release
network-manager-openconnect	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-openvpn	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-pptp	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-sstp	Not affected	Not affected	Not in release	Not in release	Not in release
network-manager-strongswan	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-vpnc	Not affected	Not affected	Not affected	Not affected	Not affected
openconnect	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
openfortivpn	Not affected	Not affected	Not affected	Not affected	Not in release
openvpn	Not affected	Not affected	Not affected	Not affected	Not affected
pptp-linux	Not affected	Not affected	Not affected	Not affected	Not affected
quicktun	Not affected	Not affected	Not affected	Not affected	Not in release
riseup-vpn	Not affected	Not in release	Not in release	Not in release	Not in release
softether-vpn	Vulnerable	Vulnerable	Not in release	Not in release	Not in release
sshuttle	Not affected	Not affected	Not affected	Not affected	Not affected
tinc	Not affected	Not affected	Not affected	Not affected	Not affected
vpnc	Not affected	Not affected	Not affected	Not affected	Not affected
wireguard	Not affected	Not affected	Not affected	Not affected	Not affected
zentyal-openvpn	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2023-35838

Medium priority

Vulnerable

The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into...

31 affected packages

connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
connman	Not affected	Not affected	Not affected	Not affected	Not affected
gadmin-openvpn-client	Not in release	Not in release	Not affected	Not affected	Not affected
gadmin-openvpn-server	Not in release	Not in release	Not affected	Not affected	Not affected
golang-github-apparentlymart-go-openvpn-mgmt	Not affected	Not affected	Not affected	Not in release	Not in release
kvpnc	Not in release	Not in release	Not in release	Not affected	Not affected
l2tp-ipsec-vpn	Not in release	Not in release	Not in release	Not in release	Not in release
l2tp-ipsec-vpn-daemon	Not in release	Not in release	Not in release	Not in release	Not in release
libreswan	Not affected	Not affected	Not affected	Not affected	Not in release
mozillavpn	Not in release	Not affected	Not in release	Not in release	Not in release
n2n	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-fortisslvpn	Not affected	Not affected	Not affected	Not affected	Not in release
network-manager-iodine	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-l2tp	Not affected	Not affected	Not affected	Not affected	Not in release
network-manager-openconnect	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-openvpn	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-pptp	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-sstp	Not affected	Not affected	Not in release	Not in release	Not in release
network-manager-strongswan	Not affected	Not affected	Not affected	Not affected	Not affected
network-manager-vpnc	Not affected	Not affected	Not affected	Not affected	Not affected
openconnect	Not affected	Not affected	Not affected	Vulnerable	Vulnerable
openfortivpn	Not affected	Not affected	Not affected	Not affected	Not in release
openvpn	Not affected	Not affected	Not affected	Not affected	Not affected
pptp-linux	Not affected	Not affected	Not affected	Not affected	Not affected
quicktun	Not affected	Not affected	Not affected	Not affected	Not in release
riseup-vpn	Not affected	Not in release	Not in release	Not in release	Not in release
softether-vpn	Vulnerable	Vulnerable	Not in release	Not in release	Not in release
sshuttle	Not affected	Not affected	Not affected	Not affected	Not affected
tinc	Not affected	Not affected	Not affected	Not affected	Not affected
vpnc	Not affected	Not affected	Not affected	Not affected	Not affected
wireguard	Ignored	Ignored	Ignored	Ignored	Ignored
zentyal-openvpn	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2020-12823

Medium priority

Vulnerable

OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.

1 affected package

openconnect

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openconnect	Not affected	Not affected	Vulnerable	Vulnerable	Vulnerable

CVE-2020-12105

Low priority

Ignored

OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks.

1 affected package

openconnect

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openconnect	—	Not affected	Not affected	Not affected	Not affected

CVE-2013-7098

Medium priority

Ignored

OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection.

1 affected package

openconnect

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openconnect	—	—	Not affected	Not affected	Not affected

CVE-2019-16239

Medium priority

Some fixes available 1 of 6

process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.

1 affected package

openconnect

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openconnect	—	Not affected	Not affected	Fixed	Not affected

CVE-2012-6128

Medium priority

Ignored

Multiple stack-based buffer overflows in http.c in OpenConnect before 4.08 allow remote VPN gateways to cause a denial of service (application crash) via a long (1) hostname, (2) path, or (3) cookie list in a response.

1 affected package

openconnect

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openconnect	—	—	—	—	Not affected

Export to JSON

Results by page: