Filtered by vendor Softether
Subscriptions
Total
10 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-32634 | 1 Softether | 1 Vpn | 2024-11-21 | 7.8 High |
An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of SoftEther VPN 5.01.9674 and 4.41-9782-beta. An attacker can perform a local man-in-the-middle attack to trigger this vulnerability. | ||||
CVE-2023-32275 | 1 Softether | 1 Vpn | 2024-11-21 | 5.5 Medium |
An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability. | ||||
CVE-2023-31192 | 1 Softether | 1 Vpn | 2024-11-21 | 5.3 Medium |
An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. | ||||
CVE-2023-27516 | 1 Softether | 1 Vpn | 2024-11-21 | 7.3 High |
An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network packet can lead to unauthorized access. An attacker can send a network request to trigger this vulnerability. | ||||
CVE-2023-27395 | 1 Softether | 1 Vpn | 2024-11-21 | 9 Critical |
A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to arbitrary code execution. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. | ||||
CVE-2023-25774 | 1 Softether | 1 Vpn | 2024-11-21 | 7.5 High |
A denial-of-service vulnerability exists in the vpnserver ConnectionAccept() functionality of SoftEther VPN 5.02. A set of specially crafted network connections can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability. | ||||
CVE-2023-23581 | 1 Softether | 1 Vpn | 2024-11-21 | 7.5 High |
A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. | ||||
CVE-2023-22325 | 1 Softether | 1 Vpn | 2024-11-21 | 5.9 Medium |
A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. | ||||
CVE-2023-22308 | 1 Softether | 1 Vpn | 2024-11-21 | 7.5 High |
An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability. | ||||
CVE-2019-11868 | 1 Softether | 1 See.sys | 2024-11-21 | 7.8 High |
See.sys, up to version 4.25, in SoftEther VPN Server versions 4.29 or older, allows a user to call an IOCTL specifying any kernel address to which arbitrary bytes are written to. |
Page 1 of 1.