CVE-2020-15590: OpenVPN vulnerability

September 17, 2020 0

A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since Read more

Share this info:

CVE-2020-13260: OpenVPN vulnerability

September 17, 2020 0

A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as Read more

Share this info:

CVE-2020-15473: OpenVPN vulnerability

August 21, 2020 0

In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c. References github.com/ntop/nDPI/commit/8e7b1ea7a136cc4e4aa9880072ec2d69900a825e

Share this info:

CVE-2020-15074: OpenVPN vulnerability

August 21, 2020 0

OpenVPN Access Server older than version 2.8.4 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial token expiry timestamp. References openvpn.net/vpn-server-resources/release-notes/ openvpn.net/vpn-server-resources/release-notes/

Share this info:

CVE-2020-11462: OpenVPN vulnerability

May 10, 2020 0

An issue was discovered in OpenVPN Access Server before 2.7.0 and 2.8.x before 2.8.3. With the full featured RPC2 interface enabled, it is possible to achieve a temporary DoS state of the management interface when Read more

Share this info:
1 2 3