CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2024-45750
https://notcve.org/view.php?id=CVE-2024-45750
25 Sep 2024 — An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN Client 6.87.109 (and older), Windows Enterprise VPN Client 7.5.007 (and older), Android VPN Client 6.4.5 (and older) VPN Client Linux 3.4 (and older), VPN Client MacOS 2.4.10 (and older) allows a remote attacker to execute arbitrary code via the IKEv2 Authentication phase, it accepts malformed ECDSA signatures and establishes the tunnel. • https://thegreenbow.com • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-47267
https://notcve.org/view.php?id=CVE-2023-47267
19 Dec 2023 — An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard VPN Client 6.87, and Windows Enterprise VPN Client 6.87 allows attackers to gain escalated privileges via crafted changes to memory mapped file. Un problema descubierto en TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard VPN Client 6.87 y Windows Enterprise VPN Client 6.87 permite a los atacantes obtener privilegios aumentados mediante cambios elaborados en el archivo asignado en memor... • https://www.thegreenbow.com/en/support/security-alerts/#deeplink-16093 • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 11%CPEs: 2EXPL: 0CVE-2010-0392
https://notcve.org/view.php?id=CVE-2010-0392
26 Jan 2010 — Stack-based buffer overflow in vpnconf.exe in TheGreenBow IPSec VPN Client 4.51.001, 4.65.003, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a long OpenScriptAfterUp parameter in a policy (.tgb) file, related to "phase 2." Desbordamiento de búfer basado en pila en vpnconf.exe en TheGreenBow IPSec VPN Client v4.51.001, v4.65.003, y posiblemente otras versiones, permite a atacantes remotos ayudados por el usuario ejecutar código arbitrario a través de del par... • http://osvdb.org/61866 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2009-2918 – TheGreenBow VPN Client - 'tgbvpn.sys' Local Denial of Service
https://notcve.org/view.php?id=CVE-2009-2918
21 Aug 2009 — The tgbvpn.sys driver in TheGreenBow IPSec VPN Client 4.61.003 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted request to the 0x80000034 IOCTL, probably involving an input or output buffer size of 0. El driver tgbvpn.sys en TheGreenBow IPSec VPN Client 4.61.003 permite a usuarios locales provocar una denegación de servicio (referencia a un puntero nulo y caída del sistema) mediante una petición manipulada a el IOCTL 0x80000034, probablemente en relac... • https://www.exploit-db.com/exploits/9449 • CWE-20: Improper Input Validation •