Search Results (64 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-13086 1 Openvpn 1 Openvpn 2026-01-30 7.5 High
Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.6.15 and 2.7_alpha1 through 2.7_rc1 allows an attacker to open a session from a different IP address which did not initiate the connection resulting in a denial of service for the originating client
CVE-2025-12106 1 Openvpn 1 Openvpn 2025-12-30 9.1 Critical
Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses
CVE-2023-46850 3 Debian, Fedoraproject, Openvpn 4 Debian Linux, Fedora, Openvpn and 1 more 2025-12-16 9.8 Critical
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.
CVE-2024-5594 1 Openvpn 1 Openvpn 2025-11-03 9.1 Critical
OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.
CVE-2022-0547 3 Debian, Fedoraproject, Openvpn 3 Debian Linux, Fedora, Openvpn 2025-11-03 9.8 Critical
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.
CVE-2025-2704 1 Openvpn 1 Openvpn 2025-10-23 7.5 High
OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase
CVE-2023-6247 1 Openvpn 1 Openvpn 3 2025-08-21 6.5 Medium
The PKCS#7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing.
CVE-2025-3908 2 Linux, Openvpn 2 Linux Kernel, Openvpn3linux 2025-06-12 6.2 Medium
The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory which will change the ownership and permissions of that destination directory.
CVE-2023-46849 3 Debian, Fedoraproject, Openvpn 4 Debian Linux, Fedora, Openvpn and 1 more 2025-06-11 7.5 High
Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
CVE-2024-28882 1 Openvpn 1 Openvpn 2025-06-10 4.3 Medium
OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session
CVE-2023-7235 1 Openvpn 1 Openvpn Gui 2025-05-06 8.4 High
The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions to the installation directory of OpenVPN binaries when using a non-standard installation path, which allows an attacker to replace binaries to run arbitrary executables.
CVE-2024-4877 2 Microsoft, Openvpn 2 Windows, Openvpn 2025-04-29 8.8 High
OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges
CVE-2017-7479 1 Openvpn 1 Openvpn 2025-04-20 N/A
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
CVE-2017-7520 1 Openvpn 1 Openvpn 2025-04-20 N/A
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker.
CVE-2017-7521 1 Openvpn 1 Openvpn 2025-04-20 N/A
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension().
CVE-2017-7522 1 Openvpn 1 Openvpn 2025-04-20 N/A
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.
CVE-2016-6329 1 Openvpn 1 Openvpn 2025-04-20 N/A
OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.
CVE-2017-7478 1 Openvpn 1 Openvpn 2025-04-20 N/A
OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.
CVE-2017-7508 1 Openvpn 1 Openvpn 2025-04-20 N/A
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet.
CVE-2017-12166 2 Debian, Openvpn 2 Debian Linux, Openvpn 2025-04-20 9.8 Critical
OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.