pkg:Debian/openvpn
共 44 筆 CVECRITICAL7HIGH11MEDIUM6LOW1
✅ 檢查你的版本
所有已知漏洞
- CRITICAL9.8CVE-2023-46850Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending ne…from 0, < 2.6.3-1+deb12u2
- from 0, < 2.5.1-3+deb11u1
- from 0, < 2.5.1-3+deb11u1
- from 0, < 2.4.4-1
- from 0, < 2.4.0-6+deb9u4
- CRITICAL9.1CVE-2024-5594OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected a…from 0, < 2.5.1-3+deb11u1
- CRITICAL9.1CVE-2018-7544A cross-protocol scripting issue was discovered in the management interface in OpenVPN through 2.4.5.from 0
- from 0, < 2.6.3-1+deb12u4
- from 0, < 2.6.3-1+deb12u4
- HIGH7.5CVE-2025-2704OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting…from 0, < 2.6.3-1+deb12u3
- from 0, < 2.6.3-1+deb12u2
- from 0, < 2.6.3-1+deb12u2
- HIGH7.5CVE-2020-15078OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured…from 0, < 2.5.1-2
- from 0, < 2.3.4-5+deb8u2
- from 0, < 2.4.3-1
- HIGH7.5CVE-2017-7478OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet.from 0, < 2.4.0-5
- from 0, < 2.2.1-8+deb7u5
- from 0, < 2.4.3-1
- MEDIUM6.5CVE-2017-7522OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certific…from 0, < 2.4.3-1
- from 0, < 2.4.0-5
- from 0, < 2.2.1-8+deb7u4
- MEDIUM5.9CVE-2017-7521OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks…from 0, < 2.4.3-1
- MEDIUM5.9CVE-2016-6329OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a lo…from 0
- MEDIUM4.3CVE-2024-28882OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the val…from 0, < 2.6.3-1+deb12u3
- from 0, < 2.4.9-1
- from 0
- from 0
- —CVE-2025-15497Insufficient epoch key slot processing in OpenVPN 2.7_alpha1 through 2.7_rc5 allows remote authenticated users to trigger an assert resulti…from 0, < 2.7.0~rc5-1
- from 0, < 2.3.4-5
- from 0, < 2.1.3-2+squeeze3
- from 0, < 2.2.1-8+deb7u3
- —CVE-2013-2061The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitiv…from 0, < 2.3.1-1
- —CVE-2008-3459Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbi…from 0, < 2.1~rc9-1
- —CVE-2006-2229OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for T…from 0
- from 0, < 2.0.6-1
- from 0, < 2.0-1sarge3
- —CVE-2005-3409OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing th…from 0, < 2.0.5-1
- from 0, < 2.0-1sarge2
- from 0, < 2.0.5-1
- —CVE-2005-2532OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote…from 0, < 2.0.2-1
- —CVE-2005-2534Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not enabled, allows remote attackers to cause a denial of service (server cr…from 0, < 2.0.2-1
- from 0, < 2.0-1sarge1
- from 0, < 2.0.2-1
- —CVE-2005-2533OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (m…from 0, < 2.0.2-1