Search CVE reports
1 – 6 of 6 results
CVE-2024-3661
Medium priorityDHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An...
29 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
connman | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gadmin-openvpn-client | Not in release | Not in release | Vulnerable | Vulnerable | Vulnerable |
gadmin-openvpn-server | Not in release | Not in release | Vulnerable | Vulnerable | Vulnerable |
golang-github-apparentlymart-go-openvpn-mgmt | Vulnerable | Vulnerable | Vulnerable | — | — |
kvpnc | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
libreswan | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
mozillavpn | Not in release | Vulnerable | Not in release | — | — |
n2n | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-fortisslvpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
network-manager-iodine | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-l2tp | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
network-manager-openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-openvpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-pptp | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-sstp | Vulnerable | Vulnerable | Not in release | — | — |
network-manager-strongswan | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-vpnc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
openfortivpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
openvpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
pptp-linux | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
pptpd | Not in release | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
quicktun | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
riseup-vpn | Vulnerable | Not in release | Not in release | — | — |
softether-vpn | Vulnerable | Vulnerable | Not in release | — | — |
sshuttle | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
tinc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
vpnc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
wireguard | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2023-4104
Medium priorityAn invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. *This bug only affects Mozilla VPN on Linux. Other operating systems are...
1 affected packages
mozillavpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mozillavpn | Not in release | Needs evaluation | Not in release | Ignored | Ignored |
CVE-2023-36673
Medium priorityAn issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel,...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
connman | Not affected | Not affected | Not affected | Not affected | Not affected |
gadmin-openvpn-client | Not in release | Not in release | Not affected | Not affected | Not affected |
gadmin-openvpn-server | Not in release | Not in release | Not affected | Not affected | Not affected |
golang-github-apparentlymart-go-openvpn-mgmt | Not affected | Not affected | Not affected | Not in release | Not in release |
kvpnc | Not in release | Not in release | Not in release | Not affected | Not affected |
l2tp-ipsec-vpn | Not in release | Not in release | Not in release | Not in release | Not in release |
l2tp-ipsec-vpn-daemon | Not in release | Not in release | Not in release | Not in release | Not in release |
libreswan | Not affected | Not affected | Not affected | Not affected | Not in release |
mozillavpn | Not in release | Not affected | Not in release | Not in release | Not in release |
n2n | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-fortisslvpn | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-iodine | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-l2tp | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-openconnect | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-pptp | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-sstp | Not affected | Not affected | Not in release | Not in release | Not in release |
network-manager-strongswan | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
openfortivpn | Not affected | Not affected | Not affected | Not affected | Not in release |
openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
pptp-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
quicktun | Not affected | Not affected | Not affected | Not affected | Not in release |
riseup-vpn | Not affected | Not in release | Not in release | Not in release | Not in release |
softether-vpn | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
sshuttle | Not affected | Not affected | Not affected | Not affected | Not affected |
tinc | Not affected | Not affected | Not affected | Not affected | Not affected |
vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
wireguard | Not affected | Not affected | Not affected | Not affected | Not affected |
zentyal-openvpn | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2023-36672
Medium priorityAn issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
connman | Not affected | Not affected | Not affected | Not affected | Not affected |
gadmin-openvpn-client | Not in release | Not in release | Not affected | Not affected | Not affected |
gadmin-openvpn-server | Not in release | Not in release | Not affected | Not affected | Not affected |
golang-github-apparentlymart-go-openvpn-mgmt | Not affected | Not affected | Not affected | Not in release | Not in release |
kvpnc | Not in release | Not in release | Not in release | Not affected | Not affected |
l2tp-ipsec-vpn | Not in release | Not in release | Not in release | Not in release | Not in release |
l2tp-ipsec-vpn-daemon | Not in release | Not in release | Not in release | Not in release | Not in release |
libreswan | Not affected | Not affected | Not affected | Not affected | Not in release |
mozillavpn | Not in release | Not affected | Not in release | Not in release | Not in release |
n2n | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-fortisslvpn | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-iodine | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-l2tp | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-openconnect | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-pptp | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-sstp | Not affected | Not affected | Not in release | Not in release | Not in release |
network-manager-strongswan | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
openconnect | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
openfortivpn | Not affected | Not affected | Not affected | Not affected | Not in release |
openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
pptp-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
quicktun | Not affected | Not affected | Not affected | Not affected | Not in release |
riseup-vpn | Not affected | Not in release | Not in release | Not in release | Not in release |
softether-vpn | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
sshuttle | Not affected | Not affected | Not affected | Not affected | Not affected |
tinc | Not affected | Not affected | Not affected | Not affected | Not affected |
vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
wireguard | Ignored | Ignored | Ignored | Ignored | Ignored |
zentyal-openvpn | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2023-36671
Medium priorityAn issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
connman | Not affected | Not affected | Not affected | Not affected | Not affected |
gadmin-openvpn-client | Not in release | Not in release | Not affected | Not affected | Not affected |
gadmin-openvpn-server | Not in release | Not in release | Not affected | Not affected | Not affected |
golang-github-apparentlymart-go-openvpn-mgmt | Not affected | Not affected | Not affected | Not in release | Not in release |
kvpnc | Not in release | Not in release | Not in release | Not affected | Not affected |
l2tp-ipsec-vpn | Not in release | Not in release | Not in release | Not in release | Not in release |
l2tp-ipsec-vpn-daemon | Not in release | Not in release | Not in release | Not in release | Not in release |
libreswan | Not affected | Not affected | Not affected | Not affected | Not in release |
mozillavpn | Not in release | Not affected | Not in release | Not in release | Not in release |
n2n | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-fortisslvpn | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-iodine | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-l2tp | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-openconnect | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-pptp | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-sstp | Not affected | Not affected | Not in release | Not in release | Not in release |
network-manager-strongswan | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
openfortivpn | Not affected | Not affected | Not affected | Not affected | Not in release |
openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
pptp-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
quicktun | Not affected | Not affected | Not affected | Not affected | Not in release |
riseup-vpn | Not affected | Not in release | Not in release | Not in release | Not in release |
softether-vpn | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
sshuttle | Not affected | Not affected | Not affected | Not affected | Not affected |
tinc | Not affected | Not affected | Not affected | Not affected | Not affected |
vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
wireguard | Not affected | Not affected | Not affected | Not affected | Not affected |
zentyal-openvpn | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2023-35838
Medium priorityThe WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
connman | Not affected | Not affected | Not affected | Not affected | Not affected |
gadmin-openvpn-client | Not in release | Not in release | Not affected | Not affected | Not affected |
gadmin-openvpn-server | Not in release | Not in release | Not affected | Not affected | Not affected |
golang-github-apparentlymart-go-openvpn-mgmt | Not affected | Not affected | Not affected | Not in release | Not in release |
kvpnc | Not in release | Not in release | Not in release | Not affected | Not affected |
l2tp-ipsec-vpn | Not in release | Not in release | Not in release | Not in release | Not in release |
l2tp-ipsec-vpn-daemon | Not in release | Not in release | Not in release | Not in release | Not in release |
libreswan | Not affected | Not affected | Not affected | Not affected | Not in release |
mozillavpn | Not in release | Not affected | Not in release | Not in release | Not in release |
n2n | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-fortisslvpn | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-iodine | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-l2tp | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-openconnect | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-pptp | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-sstp | Not affected | Not affected | Not in release | Not in release | Not in release |
network-manager-strongswan | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
openconnect | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
openfortivpn | Not affected | Not affected | Not affected | Not affected | Not in release |
openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
pptp-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
quicktun | Not affected | Not affected | Not affected | Not affected | Not in release |
riseup-vpn | Not affected | Not in release | Not in release | Not in release | Not in release |
softether-vpn | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
sshuttle | Not affected | Not affected | Not affected | Not affected | Not affected |
tinc | Not affected | Not affected | Not affected | Not affected | Not affected |
vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
wireguard | Ignored | Ignored | Ignored | Ignored | Ignored |
zentyal-openvpn | Not in release | Not in release | Not in release | Not in release | Not in release |