cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-5198,https://securityvulnerability.io/vulnerability/CVE-2024-5198,NULL Pointer Dereference Vulnerability in OpenVPN Driver for Windows,"The OpenVPN ovpn-dco driver for Windows version 1.1.1 is susceptible to a vulnerability that allows a local, unprivileged attacker to send malformed I/O control messages. This can lead to a NULL pointer dereference within the driver, which may cause the system to halt unexpectedly, disrupting services and potentially leading to further exploitation.",Openvpn,"Ovpn-dco,Openvpn-gui",3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-15T12:57:25.205Z,0
CVE-2024-1305,https://securityvulnerability.io/vulnerability/CVE-2024-1305,Memory Buffer Overflow Vulnerability in tap-windows6 Driver,"tap-windows6 driver version 9.26 and earlier does not properly 
check the size data of incomming write operations which an attacker can 
use to overflow memory buffers, resulting in a bug check and potentially
 arbitrary code execution in kernel space",Openvpn,"Tap-windows6,Openvpn-gui",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-08T18:15:00.000Z,0
CVE-2024-27459,https://securityvulnerability.io/vulnerability/CVE-2024-27459,Stack Overflow Vulnerability in OpenVPN Allows Arbitrary Code Execution,"The interactive service component of OpenVPN versions 2.6.9 and earlier is susceptible to a stack overflow vulnerability. This flaw enables attackers to send specially crafted data to the service, resulting in a stack overflow condition. Exploiting this vulnerability may allow the execution of arbitrary code, leading to elevated privileges on the affected system. Users of OpenVPN are encouraged to review their usage of the software and apply necessary security measures to mitigate potential risks.",Openvpn,Openvpn Gui,7.8,HIGH,0.0004199999966658652,false,,true,false,false,,,false,false,,2024-07-08T10:14:06.208Z,0
CVE-2021-3606,https://securityvulnerability.io/vulnerability/CVE-2021-3606,,"OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (openvpn.exe).",Openvpn,Openvpn-gui,7.8,HIGH,0.0006699999794363976,false,,false,false,false,,,false,false,,2021-07-02T12:30:38.000Z,0