Search CVE reports

Toggle filters

1 – 8 of 8 results

CVE-2024-3661

High priority
Ignored

DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An...

29 affected packages

tinc, vpnc, connman, gadmin-openvpn-client, gadmin-openvpn-server...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
tinc Ignored Ignored Ignored Ignored
vpnc Ignored Ignored Ignored Ignored
connman Ignored Ignored Ignored Ignored
gadmin-openvpn-client Not in release Not in release Ignored Ignored
gadmin-openvpn-server Not in release Not in release Ignored Ignored
golang-github-apparentlymart-go-openvpn-mgmt Ignored Ignored Ignored
kvpnc Not in release Not in release Not in release Ignored
libreswan Ignored Ignored Ignored Ignored
mozillavpn Not in release Ignored Not in release
n2n Ignored Ignored Ignored Ignored
network-manager-fortisslvpn Ignored Ignored Ignored Ignored
network-manager-iodine Ignored Ignored Ignored Ignored
network-manager-l2tp Ignored Ignored Ignored Ignored
network-manager-openconnect Ignored Ignored Ignored Ignored
network-manager-openvpn Ignored Ignored Ignored Ignored
network-manager-pptp Ignored Ignored Ignored Ignored
network-manager-sstp Ignored Ignored Not in release
network-manager-strongswan Ignored Ignored Ignored Ignored
network-manager-vpnc Ignored Ignored Ignored Ignored
openconnect Ignored Ignored Ignored Ignored
openfortivpn Ignored Ignored Ignored Ignored
openvpn Ignored Ignored Ignored Ignored
pptp-linux Ignored Ignored Ignored Ignored
pptpd Not in release Ignored Ignored Ignored
quicktun Ignored Ignored Ignored Ignored
riseup-vpn Ignored Not in release Not in release
softether-vpn Ignored Ignored Not in release
sshuttle Ignored Ignored Ignored Ignored
wireguard Ignored Ignored Ignored Ignored
Show all 29 packages Show less packages

CVE-2023-36673

Medium priority
Ignored

An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel,...

31 affected packages

wireguard, connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
wireguard Not affected Not affected Not affected Not affected
connman Not affected Not affected Not affected Not affected
gadmin-openvpn-client Not in release Not in release Not affected Not affected
gadmin-openvpn-server Not in release Not in release Not affected Not affected
golang-github-apparentlymart-go-openvpn-mgmt Not affected Not affected Not affected Not in release
kvpnc Not in release Not in release Not in release Not affected
l2tp-ipsec-vpn-daemon Not in release Not in release Not in release Not in release
l2tp-ipsec-vpn Not in release Not in release Not in release Not in release
libreswan Not affected Not affected Not affected Not affected
mozillavpn Not in release Not affected Not in release Not in release
n2n Not affected Not affected Not affected Not affected
network-manager-fortisslvpn Not affected Not affected Not affected Not affected
network-manager-iodine Not affected Not affected Not affected Not affected
network-manager-l2tp Not affected Not affected Not affected Not affected
network-manager-openconnect Not affected Not affected Not affected Not affected
network-manager-openvpn Not affected Not affected Not affected Not affected
network-manager-pptp Not affected Not affected Not affected Not affected
network-manager-sstp Not affected Not affected Not in release Not in release
network-manager-strongswan Not affected Not affected Not affected Not affected
network-manager-vpnc Not affected Not affected Not affected Not affected
openconnect Not affected Not affected Not affected Not affected
openfortivpn Not affected Not affected Not affected Not affected
openvpn Not affected Not affected Not affected Not affected
pptp-linux Not affected Not affected Not affected Not affected
quicktun Not affected Not affected Not affected Not affected
riseup-vpn Not affected Not in release Not in release Not in release
softether-vpn Not affected Not affected Not in release Not in release
sshuttle Not affected Not affected Not affected Not affected
tinc Not affected Not affected Not affected Not affected
vpnc Not affected Not affected Not affected Not affected
zentyal-openvpn Not in release Not in release Not in release Not in release
Show all 31 packages Show less packages

CVE-2023-36672

Medium priority
Ignored

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if...

31 affected packages

wireguard, n2n, connman, gadmin-openvpn-client, gadmin-openvpn-server...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
wireguard Ignored Ignored Not affected Ignored
n2n Not affected Not affected Not affected Not affected
connman Not affected Not affected Not affected Not affected
gadmin-openvpn-client Not in release Not in release Not affected Not affected
gadmin-openvpn-server Not in release Not in release Not affected Not affected
openfortivpn Not affected Not affected Not affected Not affected
golang-github-apparentlymart-go-openvpn-mgmt Not affected Not affected Not affected Not in release
kvpnc Not in release Not in release Not in release Not affected
l2tp-ipsec-vpn-daemon Not in release Not in release Not in release Not in release
l2tp-ipsec-vpn Not in release Not in release Not in release Not in release
libreswan Not affected Not affected Not affected Not affected
mozillavpn Not in release Not affected Not in release Not in release
network-manager-fortisslvpn Not affected Not affected Not affected Not affected
network-manager-iodine Not affected Not affected Not affected Not affected
network-manager-l2tp Not affected Not affected Not affected Not affected
network-manager-openconnect Not affected Not affected Not affected Not affected
network-manager-openvpn Not affected Not affected Not affected Not affected
network-manager-pptp Not affected Not affected Not affected Not affected
network-manager-sstp Not affected Not affected Not in release Not in release
network-manager-strongswan Not affected Not affected Not affected Not affected
network-manager-vpnc Not affected Not affected Not affected Not affected
openconnect Not affected Not affected Not affected Not affected
pptp-linux Not affected Not affected Not affected Not affected
quicktun Not affected Not affected Not affected Not affected
riseup-vpn Not affected Not in release Not in release Not in release
softether-vpn Not affected Not affected Not in release Not in release
sshuttle Not affected Not affected Not affected Not affected
tinc Not affected Not affected Not affected Not affected
vpnc Not affected Not affected Not affected Not affected
zentyal-openvpn Not in release Not in release Not in release Not in release
openvpn Not affected Not affected Not affected Not affected
Show all 31 packages Show less packages

CVE-2023-36671

Medium priority
Ignored

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN...

31 affected packages

wireguard, tinc, connman, gadmin-openvpn-client, gadmin-openvpn-server...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
wireguard Not affected Not affected Not affected Not affected
tinc Not affected Not affected Not affected Not affected
connman Not affected Not affected Not affected Not affected
gadmin-openvpn-client Not in release Not in release Not affected Not affected
gadmin-openvpn-server Not in release Not in release Not affected Not affected
golang-github-apparentlymart-go-openvpn-mgmt Not affected Not affected Not affected Not in release
kvpnc Not in release Not in release Not in release Not affected
l2tp-ipsec-vpn-daemon Not in release Not in release Not in release Not in release
l2tp-ipsec-vpn Not in release Not in release Not in release Not in release
libreswan Not affected Not affected Not affected Not affected
mozillavpn Not in release Not affected Not in release Not in release
n2n Not affected Not affected Not affected Not affected
network-manager-fortisslvpn Not affected Not affected Not affected Not affected
network-manager-iodine Not affected Not affected Not affected Not affected
network-manager-l2tp Not affected Not affected Not affected Not affected
network-manager-openconnect Not affected Not affected Not affected Not affected
network-manager-openvpn Not affected Not affected Not affected Not affected
network-manager-pptp Not affected Not affected Not affected Not affected
network-manager-sstp Not affected Not affected Not in release Not in release
network-manager-strongswan Not affected Not affected Not affected Not affected
network-manager-vpnc Not affected Not affected Not affected Not affected
openconnect Not affected Not affected Not affected Not affected
openfortivpn Not affected Not affected Not affected Not affected
openvpn Not affected Not affected Not affected Not affected
pptp-linux Not affected Not affected Not affected Not affected
quicktun Not affected Not affected Not affected Not affected
riseup-vpn Not affected Not in release Not in release Not in release
softether-vpn Not affected Not affected Not in release Not in release
sshuttle Not affected Not affected Not affected Not affected
vpnc Not affected Not affected Not affected Not affected
zentyal-openvpn Not in release Not in release Not in release Not in release
Show all 31 packages Show less packages

CVE-2023-35838

Medium priority
Ignored

The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into...

31 affected packages

wireguard, kvpnc, connman, gadmin-openvpn-client, gadmin-openvpn-server...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
wireguard Ignored Ignored Ignored Ignored
kvpnc Not in release Not in release Not in release Not affected
connman Not affected Not affected Not affected Not affected
gadmin-openvpn-client Not in release Not in release Not affected Not affected
gadmin-openvpn-server Not in release Not in release Not affected Not affected
golang-github-apparentlymart-go-openvpn-mgmt Not affected Not affected Not affected Not in release
l2tp-ipsec-vpn-daemon Not in release Not in release Not in release Not in release
l2tp-ipsec-vpn Not in release Not in release Not in release Not in release
libreswan Not affected Not affected Not affected Not affected
mozillavpn Not in release Not affected Not in release Not in release
n2n Not affected Not affected Not affected Not affected
network-manager-fortisslvpn Not affected Not affected Not affected Not affected
network-manager-iodine Not affected Not affected Not affected Not affected
network-manager-l2tp Not affected Not affected Not affected Not affected
network-manager-openconnect Not affected Not affected Not affected Not affected
network-manager-openvpn Not affected Not affected Not affected Not affected
network-manager-pptp Not affected Not affected Not affected Not affected
network-manager-sstp Not affected Not affected Not in release Not in release
network-manager-strongswan Not affected Not affected Not affected Not affected
network-manager-vpnc Not affected Not affected Not affected Not affected
openconnect Not affected Not affected Not affected Not affected
openfortivpn Not affected Not affected Not affected Not affected
pptp-linux Not affected Not affected Not affected Not affected
quicktun Not affected Not affected Not affected Not affected
riseup-vpn Not affected Not in release Not in release Not in release
softether-vpn Not affected Not affected Not in release Not in release
sshuttle Not affected Not affected Not affected Not affected
tinc Not affected Not affected Not affected Not affected
vpnc Not affected Not affected Not affected Not affected
zentyal-openvpn Not in release Not in release Not in release Not in release
openvpn Not affected Not affected Not affected Not affected
Show all 31 packages Show less packages

CVE-2020-7043

Medium priority
Needs evaluation

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by...

1 affected package

openfortivpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openfortivpn Not affected Not affected Not affected Needs evaluation
Show less packages

CVE-2020-7042

Medium priority
Needs evaluation

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate...

1 affected package

openfortivpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openfortivpn Not affected Not affected Not affected Needs evaluation
Show less packages

CVE-2020-7041

Low priority
Needs evaluation

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value.

1 affected package

openfortivpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openfortivpn Not affected Not affected Not affected Needs evaluation
Show less packages