Vulnerabilities > Openvpn > Openvpn Access Server > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-11 | CVE-2023-46849 | Divide By Zero vulnerability in multiple products Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service. | 7.5 |
2022-07-06 | CVE-2022-33737 | Information Exposure Through Log Files vulnerability in Openvpn Access Server The OpenVPN Access Server installer creates a log file readable for everyone, which from version 2.10.0 and before 2.11.0 may contain a random generated admin password | 7.5 |
2020-02-13 | CVE-2020-8953 | Improper Authentication vulnerability in Openvpn Access Server 2.8.0 OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication). | 7.5 |
2005-11-01 | CVE-2005-3393 | Remote Format String vulnerability in Openvpn and Openvpn Access Server Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option. | 7.5 |