156 matches found
CVE-2026-25532 ESF-IDF is Vulnerable to WPS Enrollee Fragment Integer Underflow
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...
CVE-2025-62291
A flaw was found in the strongSwan eap-mschapv2 plugin client-side. A remote attacker, specifically a malicious Extensible Authentication Protocol - Microsoft Challenge-Handshake Authentication Protocol version 2 EAP-MSCHAPv2 server, could exploit this by sending a specially crafted message betwe...
AZL-74660 CVE-2025-62291 affecting package strongswan for versions less than 5.9.14-8
In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...
CVE-2025-62291
In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...
CVE-2025-62291
In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...
CVE-2025-62291
In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...
CVE-2025-63292
Freebox v5 HD firmware = 1.7.20, Freebox v5 Crystal firmware = 1.7.20, Freebox v6 Révolution r1–r3 firmware = 4.7.x, Freebox Mini 4K firmware = 4.7.x, and Freebox One firmware = 4.7.x were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM...
Updated strongswan packages fix security vulnerability
Buffer Overflow When Handling EAP-MSCHAPv2 Failure Requests. CVE-2025-62291...
SUSE-SU-2025:3873-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2025-62291: fixed a buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941...
SUSE SLES15 Security Update : strongswan (SUSE-SU-2025:3857-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3857-1 advisory. - CVE-2025-62291: fixed buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941 Tenable has extracted the preceding descripti...
Security update for strongswan
This update for strongswan fixes the following issues: CVE-2025-62291: fixed buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
SUSE-SU-2025:3834-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2025-62291: fixed buffer overflow when handling EAP-MSCHAPv2 failure requests bsc1251941...
Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : strongSwan vulnerability (USN-7841-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7841-1 advisory. Xu Biang discovered that the strongSwan client incorrectly handled EAP-MSCHAPv2 failure requests. If a user or automated system were...
UBUNTU-CVE-2025-62291
In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...
EUVD-2008-1123
Malware in sbrugna...
EUVD-2007-5623
Malware in sbrugna...
EUVD-2025-24352
Malicious code in bioql PyPI...
CVE-2025-50159
Use after free in Remote Access Point-to-Point Protocol PPP EAP-TLS allows an authorized attacker to elevate privileges locally...
CVE-2025-50159
Use after free in Remote Access Point-to-Point Protocol PPP EAP-TLS allows an authorized attacker to elevate privileges locally...
CVE-2025-50159 Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability
...