CVE-2026-11604
- EPSS 0.15%
- Veröffentlicht 10.06.2026 21:04:37
- Zuletzt bearbeitet 11.06.2026 15:21:30
An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, res...
CVE-2026-2738
- EPSS 0.12%
- Veröffentlicht 19.02.2026 20:00:30
- Zuletzt bearbeitet 15.04.2026 00:35:42
Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by sending too large packets to the remote peer when the AEAD tag appears at the end of the encrypted packet
CVE-2025-50054
- EPSS 0.22%
- Veröffentlicht 20.06.2025 06:29:01
- Zuletzt bearbeitet 21.08.2025 20:39:10
Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and earlier and version 2.5.8 and earlier allows a local user process to send a too large control message buffer to the kernel driver resulting in a system crash
CVE-2024-5198
- EPSS 0.14%
- Veröffentlicht 15.01.2025 13:15:15
- Zuletzt bearbeitet 10.06.2025 16:12:09
OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt.