Skip to main content

Purevpn

4 CVEs product

Monthly

CVE-2018-18656 HIGH POC This Week

The PureVPN client before 6.1.0 for Windows stores Login Credentials (username and password) in cleartext. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Purevpn
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-10204 HIGH This Week

PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "sevpnclient" service. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Purevpn
NVD GitHub
CVSS 3.0
8.8
EPSS
1.5%
CVE-2018-7484 HIGH This Week

An issue was discovered in PureVPN through 5.19.4.0 on Windows. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Purevpn
NVD
CVSS 3.0
7.8
EPSS
2.3%
CVE-2018-6822 CRITICAL Act Now

In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an unprotected XPC service that can be abused to execute system commands as root. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Purevpn
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
EPSS 0% CVSS 7.8
HIGH POC This Week

The PureVPN client before 6.1.0 for Windows stores Login Credentials (username and password) in cleartext. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Purevpn
NVD
EPSS 2% CVSS 8.8
HIGH This Week

PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "sevpnclient" service. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Purevpn
NVD GitHub
EPSS 2% CVSS 7.8
HIGH This Week

An issue was discovered in PureVPN through 5.19.4.0 on Windows. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Purevpn
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an unprotected XPC service that can be abused to execute system commands as root. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Purevpn
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy