Search CVE reports


Toggle filters

11 – 20 of 45 results


CVE-2023-46850

Medium priority
Fixed

Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.

1 affected packages

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvpn Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-46849

Medium priority
Fixed

Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.

1 affected packages

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvpn Not affected Not affected Not affected Not affected
Show less packages

CVE-2020-20813

Medium priority
Vulnerable

Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet.

1 affected packages

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvpn Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2023-36673

Medium priority
Vulnerable

An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel,...

31 affected packages

connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
connman Not affected Not affected Not affected Not affected Not affected
gadmin-openvpn-client Not in release Not in release Not affected Not affected Not affected
gadmin-openvpn-server Not in release Not in release Not affected Not affected Not affected
golang-github-apparentlymart-go-openvpn-mgmt Not affected Not affected Not affected Not in release Not in release
kvpnc Not in release Not in release Not in release Not affected Not affected
l2tp-ipsec-vpn Not in release Not in release Not in release Not in release Not in release
l2tp-ipsec-vpn-daemon Not in release Not in release Not in release Not in release Not in release
libreswan Not affected Not affected Not affected Not affected Not in release
mozillavpn Not in release Not affected Not in release Not in release Not in release
n2n Not affected Not affected Not affected Not affected Not affected
network-manager-fortisslvpn Not affected Not affected Not affected Not affected Not in release
network-manager-iodine Not affected Not affected Not affected Not affected Not affected
network-manager-l2tp Not affected Not affected Not affected Not affected Not in release
network-manager-openconnect Not affected Not affected Not affected Not affected Not affected
network-manager-openvpn Not affected Not affected Not affected Not affected Not affected
network-manager-pptp Not affected Not affected Not affected Not affected Not affected
network-manager-sstp Not affected Not affected Not in release Not in release Not in release
network-manager-strongswan Not affected Not affected Not affected Not affected Not affected
network-manager-vpnc Not affected Not affected Not affected Not affected Not affected
openconnect Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
openfortivpn Not affected Not affected Not affected Not affected Not in release
openvpn Not affected Not affected Not affected Not affected Not affected
pptp-linux Not affected Not affected Not affected Not affected Not affected
quicktun Not affected Not affected Not affected Not affected Not in release
riseup-vpn Not affected Not in release Not in release Not in release Not in release
softether-vpn Vulnerable Vulnerable Not in release Not in release Not in release
sshuttle Not affected Not affected Not affected Not affected Not affected
tinc Not affected Not affected Not affected Not affected Not affected
vpnc Not affected Not affected Not affected Not affected Not affected
wireguard Not affected Not affected Not affected Not affected Not affected
zentyal-openvpn Not in release Not in release Not in release Not in release Not in release
Show all 31 packages Show less packages

CVE-2023-36672

Medium priority
Vulnerable

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if...

31 affected packages

connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
connman Not affected Not affected Not affected Not affected Not affected
gadmin-openvpn-client Not in release Not in release Not affected Not affected Not affected
gadmin-openvpn-server Not in release Not in release Not affected Not affected Not affected
golang-github-apparentlymart-go-openvpn-mgmt Not affected Not affected Not affected Not in release Not in release
kvpnc Not in release Not in release Not in release Not affected Not affected
l2tp-ipsec-vpn Not in release Not in release Not in release Not in release Not in release
l2tp-ipsec-vpn-daemon Not in release Not in release Not in release Not in release Not in release
libreswan Not affected Not affected Not affected Not affected Not in release
mozillavpn Not in release Not affected Not in release Not in release Not in release
n2n Not affected Not affected Not affected Not affected Not affected
network-manager-fortisslvpn Not affected Not affected Not affected Not affected Not in release
network-manager-iodine Not affected Not affected Not affected Not affected Not affected
network-manager-l2tp Not affected Not affected Not affected Not affected Not in release
network-manager-openconnect Not affected Not affected Not affected Not affected Not affected
network-manager-openvpn Not affected Not affected Not affected Not affected Not affected
network-manager-pptp Not affected Not affected Not affected Not affected Not affected
network-manager-sstp Not affected Not affected Not in release Not in release Not in release
network-manager-strongswan Not affected Not affected Not affected Not affected Not affected
network-manager-vpnc Not affected Not affected Not affected Not affected Not affected
openconnect Not affected Not affected Not affected Vulnerable Vulnerable
openfortivpn Not affected Not affected Not affected Not affected Not in release
openvpn Not affected Not affected Not affected Not affected Not affected
pptp-linux Not affected Not affected Not affected Not affected Not affected
quicktun Not affected Not affected Not affected Not affected Not in release
riseup-vpn Not affected Not in release Not in release Not in release Not in release
softether-vpn Vulnerable Vulnerable Not in release Not in release Not in release
sshuttle Not affected Not affected Not affected Not affected Not affected
tinc Not affected Not affected Not affected Not affected Not affected
vpnc Not affected Not affected Not affected Not affected Not affected
wireguard Ignored Ignored Ignored Ignored Ignored
zentyal-openvpn Not in release Not in release Not in release Not in release Not in release
Show all 31 packages Show less packages

CVE-2023-36671

Medium priority
Vulnerable

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN...

31 affected packages

connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
connman Not affected Not affected Not affected Not affected Not affected
gadmin-openvpn-client Not in release Not in release Not affected Not affected Not affected
gadmin-openvpn-server Not in release Not in release Not affected Not affected Not affected
golang-github-apparentlymart-go-openvpn-mgmt Not affected Not affected Not affected Not in release Not in release
kvpnc Not in release Not in release Not in release Not affected Not affected
l2tp-ipsec-vpn Not in release Not in release Not in release Not in release Not in release
l2tp-ipsec-vpn-daemon Not in release Not in release Not in release Not in release Not in release
libreswan Not affected Not affected Not affected Not affected Not in release
mozillavpn Not in release Not affected Not in release Not in release Not in release
n2n Not affected Not affected Not affected Not affected Not affected
network-manager-fortisslvpn Not affected Not affected Not affected Not affected Not in release
network-manager-iodine Not affected Not affected Not affected Not affected Not affected
network-manager-l2tp Not affected Not affected Not affected Not affected Not in release
network-manager-openconnect Not affected Not affected Not affected Not affected Not affected
network-manager-openvpn Not affected Not affected Not affected Not affected Not affected
network-manager-pptp Not affected Not affected Not affected Not affected Not affected
network-manager-sstp Not affected Not affected Not in release Not in release Not in release
network-manager-strongswan Not affected Not affected Not affected Not affected Not affected
network-manager-vpnc Not affected Not affected Not affected Not affected Not affected
openconnect Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
openfortivpn Not affected Not affected Not affected Not affected Not in release
openvpn Not affected Not affected Not affected Not affected Not affected
pptp-linux Not affected Not affected Not affected Not affected Not affected
quicktun Not affected Not affected Not affected Not affected Not in release
riseup-vpn Not affected Not in release Not in release Not in release Not in release
softether-vpn Vulnerable Vulnerable Not in release Not in release Not in release
sshuttle Not affected Not affected Not affected Not affected Not affected
tinc Not affected Not affected Not affected Not affected Not affected
vpnc Not affected Not affected Not affected Not affected Not affected
wireguard Not affected Not affected Not affected Not affected Not affected
zentyal-openvpn Not in release Not in release Not in release Not in release Not in release
Show all 31 packages Show less packages

CVE-2023-35838

Medium priority
Vulnerable

The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into...

31 affected packages

connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
connman Not affected Not affected Not affected Not affected Not affected
gadmin-openvpn-client Not in release Not in release Not affected Not affected Not affected
gadmin-openvpn-server Not in release Not in release Not affected Not affected Not affected
golang-github-apparentlymart-go-openvpn-mgmt Not affected Not affected Not affected Not in release Not in release
kvpnc Not in release Not in release Not in release Not affected Not affected
l2tp-ipsec-vpn Not in release Not in release Not in release Not in release Not in release
l2tp-ipsec-vpn-daemon Not in release Not in release Not in release Not in release Not in release
libreswan Not affected Not affected Not affected Not affected Not in release
mozillavpn Not in release Not affected Not in release Not in release Not in release
n2n Not affected Not affected Not affected Not affected Not affected
network-manager-fortisslvpn Not affected Not affected Not affected Not affected Not in release
network-manager-iodine Not affected Not affected Not affected Not affected Not affected
network-manager-l2tp Not affected Not affected Not affected Not affected Not in release
network-manager-openconnect Not affected Not affected Not affected Not affected Not affected
network-manager-openvpn Not affected Not affected Not affected Not affected Not affected
network-manager-pptp Not affected Not affected Not affected Not affected Not affected
network-manager-sstp Not affected Not affected Not in release Not in release Not in release
network-manager-strongswan Not affected Not affected Not affected Not affected Not affected
network-manager-vpnc Not affected Not affected Not affected Not affected Not affected
openconnect Not affected Not affected Not affected Vulnerable Vulnerable
openfortivpn Not affected Not affected Not affected Not affected Not in release
openvpn Not affected Not affected Not affected Not affected Not affected
pptp-linux Not affected Not affected Not affected Not affected Not affected
quicktun Not affected Not affected Not affected Not affected Not in release
riseup-vpn Not affected Not in release Not in release Not in release Not in release
softether-vpn Vulnerable Vulnerable Not in release Not in release Not in release
sshuttle Not affected Not affected Not affected Not affected Not affected
tinc Not affected Not affected Not affected Not affected Not affected
vpnc Not affected Not affected Not affected Not affected Not affected
wireguard Ignored Ignored Ignored Ignored Ignored
zentyal-openvpn Not in release Not in release Not in release Not in release Not in release
Show all 31 packages Show less packages

CVE-2022-0547

Medium priority
Fixed

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access...

1 affected packages

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvpn Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-15078

Medium priority
Fixed

OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.

1 affected packages

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvpn Fixed Fixed Fixed Not affected
Show less packages

CVE-2020-15074

Medium priority
Ignored

OpenVPN Access Server older than version 2.8.4 and version 2.9.5 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial token expiry timestamp.

1 affected packages

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvpn Not affected Not affected Not affected
Show less packages