Search CVE reports
11 – 20 of 45 results
CVE-2023-46850
Medium priorityUse after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.
1 affected packages
openvpn
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openvpn | — | Not affected | Not affected | Not affected | Not affected |
CVE-2023-46849
Medium priorityUsing the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
1 affected packages
openvpn
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openvpn | — | Not affected | Not affected | Not affected | Not affected |
CVE-2020-20813
Medium priorityControl Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet.
1 affected packages
openvpn
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openvpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2023-36673
Medium priorityAn issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel,...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| connman | Not affected | Not affected | Not affected | Not affected | Not affected |
| gadmin-openvpn-client | Not in release | Not in release | Not affected | Not affected | Not affected |
| gadmin-openvpn-server | Not in release | Not in release | Not affected | Not affected | Not affected |
| golang-github-apparentlymart-go-openvpn-mgmt | Not affected | Not affected | Not affected | Not in release | Not in release |
| kvpnc | Not in release | Not in release | Not in release | Not affected | Not affected |
| l2tp-ipsec-vpn | Not in release | Not in release | Not in release | Not in release | Not in release |
| l2tp-ipsec-vpn-daemon | Not in release | Not in release | Not in release | Not in release | Not in release |
| libreswan | Not affected | Not affected | Not affected | Not affected | Not in release |
| mozillavpn | Not in release | Not affected | Not in release | Not in release | Not in release |
| n2n | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-fortisslvpn | Not affected | Not affected | Not affected | Not affected | Not in release |
| network-manager-iodine | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-l2tp | Not affected | Not affected | Not affected | Not affected | Not in release |
| network-manager-openconnect | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-pptp | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-sstp | Not affected | Not affected | Not in release | Not in release | Not in release |
| network-manager-strongswan | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
| openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| openfortivpn | Not affected | Not affected | Not affected | Not affected | Not in release |
| openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
| pptp-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
| quicktun | Not affected | Not affected | Not affected | Not affected | Not in release |
| riseup-vpn | Not affected | Not in release | Not in release | Not in release | Not in release |
| softether-vpn | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
| sshuttle | Not affected | Not affected | Not affected | Not affected | Not affected |
| tinc | Not affected | Not affected | Not affected | Not affected | Not affected |
| vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
| wireguard | Not affected | Not affected | Not affected | Not affected | Not affected |
| zentyal-openvpn | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2023-36672
Medium priorityAn issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| connman | Not affected | Not affected | Not affected | Not affected | Not affected |
| gadmin-openvpn-client | Not in release | Not in release | Not affected | Not affected | Not affected |
| gadmin-openvpn-server | Not in release | Not in release | Not affected | Not affected | Not affected |
| golang-github-apparentlymart-go-openvpn-mgmt | Not affected | Not affected | Not affected | Not in release | Not in release |
| kvpnc | Not in release | Not in release | Not in release | Not affected | Not affected |
| l2tp-ipsec-vpn | Not in release | Not in release | Not in release | Not in release | Not in release |
| l2tp-ipsec-vpn-daemon | Not in release | Not in release | Not in release | Not in release | Not in release |
| libreswan | Not affected | Not affected | Not affected | Not affected | Not in release |
| mozillavpn | Not in release | Not affected | Not in release | Not in release | Not in release |
| n2n | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-fortisslvpn | Not affected | Not affected | Not affected | Not affected | Not in release |
| network-manager-iodine | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-l2tp | Not affected | Not affected | Not affected | Not affected | Not in release |
| network-manager-openconnect | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-pptp | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-sstp | Not affected | Not affected | Not in release | Not in release | Not in release |
| network-manager-strongswan | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
| openconnect | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
| openfortivpn | Not affected | Not affected | Not affected | Not affected | Not in release |
| openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
| pptp-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
| quicktun | Not affected | Not affected | Not affected | Not affected | Not in release |
| riseup-vpn | Not affected | Not in release | Not in release | Not in release | Not in release |
| softether-vpn | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
| sshuttle | Not affected | Not affected | Not affected | Not affected | Not affected |
| tinc | Not affected | Not affected | Not affected | Not affected | Not affected |
| vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
| wireguard | Ignored | Ignored | Ignored | Ignored | Ignored |
| zentyal-openvpn | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2023-36671
Medium priorityAn issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| connman | Not affected | Not affected | Not affected | Not affected | Not affected |
| gadmin-openvpn-client | Not in release | Not in release | Not affected | Not affected | Not affected |
| gadmin-openvpn-server | Not in release | Not in release | Not affected | Not affected | Not affected |
| golang-github-apparentlymart-go-openvpn-mgmt | Not affected | Not affected | Not affected | Not in release | Not in release |
| kvpnc | Not in release | Not in release | Not in release | Not affected | Not affected |
| l2tp-ipsec-vpn | Not in release | Not in release | Not in release | Not in release | Not in release |
| l2tp-ipsec-vpn-daemon | Not in release | Not in release | Not in release | Not in release | Not in release |
| libreswan | Not affected | Not affected | Not affected | Not affected | Not in release |
| mozillavpn | Not in release | Not affected | Not in release | Not in release | Not in release |
| n2n | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-fortisslvpn | Not affected | Not affected | Not affected | Not affected | Not in release |
| network-manager-iodine | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-l2tp | Not affected | Not affected | Not affected | Not affected | Not in release |
| network-manager-openconnect | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-pptp | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-sstp | Not affected | Not affected | Not in release | Not in release | Not in release |
| network-manager-strongswan | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
| openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| openfortivpn | Not affected | Not affected | Not affected | Not affected | Not in release |
| openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
| pptp-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
| quicktun | Not affected | Not affected | Not affected | Not affected | Not in release |
| riseup-vpn | Not affected | Not in release | Not in release | Not in release | Not in release |
| softether-vpn | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
| sshuttle | Not affected | Not affected | Not affected | Not affected | Not affected |
| tinc | Not affected | Not affected | Not affected | Not affected | Not affected |
| vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
| wireguard | Not affected | Not affected | Not affected | Not affected | Not affected |
| zentyal-openvpn | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2023-35838
Medium priorityThe WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| connman | Not affected | Not affected | Not affected | Not affected | Not affected |
| gadmin-openvpn-client | Not in release | Not in release | Not affected | Not affected | Not affected |
| gadmin-openvpn-server | Not in release | Not in release | Not affected | Not affected | Not affected |
| golang-github-apparentlymart-go-openvpn-mgmt | Not affected | Not affected | Not affected | Not in release | Not in release |
| kvpnc | Not in release | Not in release | Not in release | Not affected | Not affected |
| l2tp-ipsec-vpn | Not in release | Not in release | Not in release | Not in release | Not in release |
| l2tp-ipsec-vpn-daemon | Not in release | Not in release | Not in release | Not in release | Not in release |
| libreswan | Not affected | Not affected | Not affected | Not affected | Not in release |
| mozillavpn | Not in release | Not affected | Not in release | Not in release | Not in release |
| n2n | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-fortisslvpn | Not affected | Not affected | Not affected | Not affected | Not in release |
| network-manager-iodine | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-l2tp | Not affected | Not affected | Not affected | Not affected | Not in release |
| network-manager-openconnect | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-pptp | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-sstp | Not affected | Not affected | Not in release | Not in release | Not in release |
| network-manager-strongswan | Not affected | Not affected | Not affected | Not affected | Not affected |
| network-manager-vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
| openconnect | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
| openfortivpn | Not affected | Not affected | Not affected | Not affected | Not in release |
| openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
| pptp-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
| quicktun | Not affected | Not affected | Not affected | Not affected | Not in release |
| riseup-vpn | Not affected | Not in release | Not in release | Not in release | Not in release |
| softether-vpn | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
| sshuttle | Not affected | Not affected | Not affected | Not affected | Not affected |
| tinc | Not affected | Not affected | Not affected | Not affected | Not affected |
| vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
| wireguard | Ignored | Ignored | Ignored | Ignored | Ignored |
| zentyal-openvpn | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2022-0547
Medium priorityOpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access...
1 affected packages
openvpn
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openvpn | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2020-15078
Medium priorityOpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.
1 affected packages
openvpn
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openvpn | — | Fixed | Fixed | Fixed | Not affected |
CVE-2020-15074
Medium priorityOpenVPN Access Server older than version 2.8.4 and version 2.9.5 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial token expiry timestamp.
1 affected packages
openvpn
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openvpn | — | — | Not affected | Not affected | Not affected |