Vulnerabilities > Openvpn > Openvpn > 2.6.8

DATE CVE VULNERABILITY TITLE RISK
2024-07-08 CVE-2024-24974 Unspecified vulnerability in Openvpn
The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service.
network
low complexity
openvpn
7.5
2024-07-08 CVE-2024-27459 Out-of-bounds Write vulnerability in Openvpn
The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges.
local
low complexity
openvpn CWE-787
7.8
2024-07-08 CVE-2024-27903 Unrestricted Upload of File with Dangerous Type vulnerability in Openvpn
OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service.
network
low complexity
openvpn CWE-434
critical
9.8