Vulnerabilities > Expressvpn

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-11	CVE-2024-25728	Unspecified vulnerability in Expressvpn ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration (e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers), which may allow remote attackers to obtain sensitive information about websites visited by VPN users. network low complexity expressvpn	7.5
2021-03-10	CVE-2020-29238	Integer Overflow or Wraparound vulnerability in Expressvpn 1.0 An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted request. network low complexity expressvpn CWE-190	7.5
2019-01-02	CVE-2018-15490	Path Traversal vulnerability in Expressvpn An issue was discovered in ExpressVPN on Windows. local low complexity expressvpn CWE-22	7.1

Vulnerabilities > Expressvpn {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Expressvpn"}]}