Every CVE whose affected-product data names Google Tunnelblick, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2012-3485 — CVSS 7.2 (high): Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable…
CVE-2012-3484 — CVSS 7.2 (high): Tunnelblick 3.3beta20 and earlier relies on a test for specific ownership and permissions to determine whether a program can be safely…
CVE-2012-3486 — CVSS 6.9 (medium): Tunnelblick 3.3beta20 and earlier allows local users to gain privileges via an OpenVPN configuration file that specifies execution of a…
CVE-2012-3483 — CVSS 6.2 (medium): Race condition in the runScript function in Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by replacing a script…
CVE-2012-4677 — CVSS 4.4 (medium): Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by using a crafted Info.plist file to control the gOkIfNotSecure…
CVE-2012-3487 — CVSS 1.2 (low): Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to…
CVE-2012-4676 — CVSS 1.2 (low): The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a…