VYPR

OpenVPN

by OpenVPN

CVEs (59)

  • CVE-2017-12166 | Critical | Oct 4, 2017
    risk 0.64 | cvss 9.8 | epss 0.04

    OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow when key-method 1 is used, possibly resulting in code execution.

  • CVE-2018-7544 | Critical | Mar 16, 2018
    risk 0.59 | cvss 9.1 | epss 0.02

    A cross-protocol scripting issue was discovered in the management interface in OpenVPN through 2.4.5. When this interface is enabled over TCP without a password, and when no other clients are connected to this interface, attackers can execute arbitrary management commands,…

  • CVE-2025-10680 | High | Oct 24, 2025
    risk 0.57 | cvss 8.8 | epss 0.07

    OpenVPN 2.7_alpha1 through 2.7_beta1 on POSIX-based platforms allows a remote authenticated server to inject shell commands via DNS variables when --dns-updown is in use.

  • CVE-2017-7478 | High | May 15, 2017
    risk 0.53 | cvss 7.5 | epss 0.14

    OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated denial of service of the server via a large received control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.

  • CVE-2026-9560 | High | May 26, 2026
    risk 0.51 | cvss 7.8 | epss 0.01

    Privilege escalation via the background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via a local IPC channel.

  • CVE-2017-7508 | High | Jun 27, 2017
    risk 0.49 | cvss 7.5 | epss 0.05

    OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving a malformed IPv6 packet.

  • CVE-2017-7520 | High | Jun 27, 2017
    risk 0.48 | cvss 7.4 | epss 0.03

    OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly a sensitive memory leak triggered by a man-in-the-middle attacker.

  • CVE-2017-7522 | Medium | Jun 27, 2017
    risk 0.43 | cvss 6.5 | epss 0.06

    OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by an authenticated remote attacker via sending a certificate with an embedded NULL character.

  • CVE-2017-7479 | Medium | May 15, 2017
    risk 0.42 | cvss 6.5 | epss 0.02

    OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to a reachable assertion when the packet-ID counter rolls over, resulting in denial of service of the server by an authenticated attacker.

  • CVE-2017-7521 | Medium | Jun 27, 2017
    risk 0.39 | cvss 5.9 | epss 0.04

    OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and a double-free issue in extract_x509_extension().

  • CVE-2016-6329 | Medium | Jan 31, 2017
    risk 0.39 | cvss 5.9 | epss 0.06

    OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.

  • CVE-2026-35058 | Medium | Jun 8, 2026
    risk 0.38 | cvss | epss 0.00

    Improper validation of packet length during tls-crypt-v2 key extraction in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows authenticated attackers to trigger a fatal assertion and cause a denial of service via a specially crafted packet.

  • CVE-2026-2738 | Medium | Feb 19, 2026
    risk 0.36 | cvss | epss 0.00

    Buffer overflow in ovpn-dco-win version 2.8.0 allows local attackers to cause a system crash by sending packets that are too large to the remote peer when the AEAD tag appears at the end of the encrypted packet.

  • CVE-2026-40215 | Medium | Jun 8, 2026
    risk 0.33 | cvss | epss 0.00

    A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion.

  • CVE-2014-5455 | Medium | Aug 25, 2014
    risk 0.31 | cvss 5.3 | epss 0.01

    Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.

  • CVE-2025-15497 | Low | Jan 30, 2026
    risk 0.25 | cvss | epss 0.00

    Insufficient epoch key slot processing in OpenVPN 2.7_alpha1 through 2.7_rc5 allows remote authenticated users to trigger an assert, resulting in a denial of service.

  • CVE-2024-1305 | Jul 8, 2024
    risk 0.01 | cvss | epss 0.15

    tap-windows6 driver version 9.26 and earlier does not properly check the size data of incoming write operations, which an attacker can use to overflow memory buffers, resulting in a bug check and potentially arbitrary code execution in kernel space.

  • CVE-2024-27903 | Jul 8, 2024
    risk 0.01 | cvss | epss 0.09

    OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service.

  • CVE-2024-24974 | Jul 8, 2024
    risk 0.01 | cvss | epss 0.10

    The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service.

  • CVE-2025-13086 | Dec 3, 2025
    risk 0.00 | cvss | epss 0.01

    Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.6.15 and 2.7_alpha1 through 2.7_rc1 allows an attacker to open a session from a different IP address which did not initiate the connection, resulting in a denial of service for the originating client.

Page 1 of 3