Vulnerabilities > Openvpn > Openvpn Access Server > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-11 CVE-2023-46850 Use After Free vulnerability in multiple products
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.
network
low complexity
openvpn debian fedoraproject CWE-416
critical
9.8
2020-02-13 CVE-2020-8953 Improper Authentication vulnerability in Openvpn Access Server 2.8.0
OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication).
network
low complexity
openvpn CWE-287
critical
9.8