Vulnerabilities > Softether
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-12 | CVE-2023-22308 | Integer Underflow (Wrap or Wraparound) vulnerability in Softether VPN 5.01.9674/5.02 An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. | 7.5 |
2023-10-12 | CVE-2023-22325 | Infinite Loop vulnerability in Softether VPN 4.419782/5.01.9674/5.02 A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. | 5.9 |
2023-10-12 | CVE-2023-23581 | Out-of-bounds Read vulnerability in Softether VPN 5.01.9674/5.02 A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. | 7.5 |
2023-10-12 | CVE-2023-25774 | Unspecified vulnerability in Softether VPN 5.02 A denial-of-service vulnerability exists in the vpnserver ConnectionAccept() functionality of SoftEther VPN 5.02. | 7.5 |
2023-10-12 | CVE-2023-27395 | Out-of-bounds Write vulnerability in Softether VPN 4.419782/5.01.9674/5.02 A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. | 8.1 |
2023-10-12 | CVE-2023-27516 | Insecure Default Initialization of Resource vulnerability in Softether VPN 4.419782/5.01.9674 An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. | 7.8 |
2023-10-12 | CVE-2023-31192 | Use of Uninitialized Resource vulnerability in Softether VPN 5.01.9674 An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. | 5.3 |
2023-10-12 | CVE-2023-32275 | Exposure of Resource to Wrong Sphere vulnerability in Softether VPN 4.419782/5.01.9674 An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. | 4.4 |
2023-10-12 | CVE-2023-32634 | Unspecified vulnerability in Softether VPN 4.419782/5.01.9674 An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of SoftEther VPN 5.01.9674 and 4.41-9782-beta. | 7.4 |
2019-07-29 | CVE-2019-11868 | Out-of-bounds Write vulnerability in Softether See.Sys 4.25 See.sys, up to version 4.25, in SoftEther VPN Server versions 4.29 or older, allows a user to call an IOCTL specifying any kernel address to which arbitrary bytes are written to. | 7.8 |