cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-27903,https://securityvulnerability.io/vulnerability/CVE-2024-27903,Arbitrary Plug-in Loading Vulnerability in OpenVPN for Windows,"The OpenVPN software on Windows prior to version 2.6.9 has a significant security flaw that allows malicious actors to load arbitrary plug-ins from any directory. This vulnerability exploits improper validation during the loading process of OpenVPN plug-ins, enabling attackers to inject potentially harmful code into the privileged OpenVPN interactive service. The vulnerability poses a threat to users' systems and can lead to unauthorized actions performed under the open interactive service's context. Users are urged to update their OpenVPN installations promptly to mitigate the risks associated with this vulnerability.",Openvpn,Openvpn 2,9.8,CRITICAL,0.0006699999794363976,false,,true,false,true,2024-08-08T21:54:31.000Z,,false,false,,2024-07-08T10:27:40.125Z,0
CVE-2024-24974,https://securityvulnerability.io/vulnerability/CVE-2024-24974,Remote Interactive Service Vulnerability in OpenVPN,"A vulnerability exists in OpenVPN prior to version 2.6.9 that permits remote attackers to access the OpenVPN service pipe. This flaw enables potential unauthorized interaction with the OpenVPN interactive service, which operates with elevated privileges. Attackers who exploit this vulnerability could perform actions that compromise the integrity and confidentiality of the system running OpenVPN.",Openvpn,Openvpn 2,7.5,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2024-07-08T10:20:34.520Z,0
CVE-2023-46849,https://securityvulnerability.io/vulnerability/CVE-2023-46849,Denial of Service Vulnerability in OpenVPN by OpenVPN Technologies,"A vulnerability exists in OpenVPN versions 2.6.0 to 2.6.6 when using the --fragment option in certain configuration scenarios. This issue allows an attacker to exploit a divide by zero condition, potentially triggering application crashes and resulting in a denial of service. Users of the affected versions are encouraged to upgrade to the latest version to mitigate the risk associated with this vulnerability.",OpenVPN,"OpenVPN 2 (Community),Access Server",7.5,HIGH,0.0011500000255182385,false,,false,false,false,,,false,false,,2023-11-11T01:15:00.000Z,0
CVE-2023-46850,https://securityvulnerability.io/vulnerability/CVE-2023-46850,Use After Free Vulnerability in OpenVPN by OpenVPN Technologies Inc.,"A vulnerability in OpenVPN, versions 2.6.0 to 2.6.6, allows for use after free conditions which can cause undefined behavior and memory leaks. This issue may enable an attacker to exploit the vulnerable application by sending crafted network buffers to a remote peer, potentially leading to remote execution of code.",OpenVPN,"OpenVPN 2 (Community),Access Server",9.8,CRITICAL,0.013179999776184559,false,,false,false,false,,,false,false,,2023-11-11T01:15:00.000Z,0