Kategori: NIST-Güvenlik Açıkları

CVE-2023-27395

A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead…

Devamını oku

CVE-2023-27516

An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network packet can lead to unauthorized access.…

Devamını oku

CVE-2023-31192

An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to a disclosure of sensitive…

Devamını oku

CVE-2023-32275

An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of…

Devamını oku

CVE-2023-32634

An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of SoftEther VPN 5.01.9674 and 4.41-9782-beta. An attacker can perform a local man-in-the-middle attack to trigger…

Devamını oku

CVE-2023-22325

A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead…

Devamını oku

CVE-2023-23581

A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of…

Devamını oku

CVE-2023-22308

An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial…

Devamını oku

CVE-2023-32124

Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Publish Confirm Message plugin <= 1.3.1 versions. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Devamını oku

CVE-2023-27315

SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext domain user credentials Zafiyet ile…

Devamını oku