Openvpn Openvpn-Gui vulnerabilities

CVE-2024-5198 [LOW] CWE-476 CVE-2024-5198: OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt.

CVE-2024-1305 [CRITICAL] CWE-190 CVE-2024-1305: tap-windows6 driver version 9.26 and earlier does not properly check the size data of incomming wri tap-windows6 driver version 9.26 and earlier does not properly check the size data of incomming write operations which an attacker can use to overflow memory buffers, resulting in a bug check and potentially arbitrary code execution in kernel space