44 matches found

EUVD
added 12 hours ago | 5 views

EUVD-2026-41440

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v1_5 (RFC 8017). A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1 CVSS | 6.3 AI score
Exploits 0 | References 5

EUVD
added 12 hours ago | 5 views

EUVD-2026-41439

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5 CVSS | 6.4 AI score
Exploits 0 | References 3

EUVD
added 2026/05/13 9:32 p.m. | 11 views

EUVD-2026-30105

A server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service (DoS) condition. Panorama, Cloud NGFW and...

8.3 CVSS | 5.8 AI score | 0.00317 EPSS
Exploits 0 | References 2

EUVD
added 2026/05/13 6:30 p.m. | 11 views

EUVD-2026-30064

A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service (DoS) condition. Panorama, Cloud NGFW, and Prisma® Access...

9.2 CVSS | 6.4 AI score | 0.0031 EPSS
Exploits 0 | References 2

ATTACKERKB
added 2026/05/13 6:8 p.m. | 8 views

CVE-2026-0258

A server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service (DoS) condition. Panorama, Cloud NGFW and...

5.8 AI score | 0.00317 EPSS
Exploits 0 | References 2 | Affected Software 1

CVE
added 2026/03/23 6:33 p.m. | 46 views

CVE-2026-25075

The CVE-2026-25075 issue is an integer underflow in strongSwan’s EAP-TTLS AVP parser affecting versions 4.5.0 through 6.0.4, which can crash the charon IKE daemon (DoS) via crafted AVP length fields during IKEv2 authentication. Mitigation: upgrade to strongSwan 6.0.5 or later (as confirmed by Mag...

8.7 CVSS | 5.9 AI score | 0.01013 EPSS
Exploits 2 | References 5

EUVD
added 2026/03/04 6:31 p.m. | 8 views

EUVD-2026-9430

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may also impact the availability of services to devices elsewhere in the network. This...

5.8 CVSS | 6 AI score | 0.00303 EPSS
Exploits 0 | References 2

NVD
added 2026/03/04 6:16 p.m. | 10 views

CVE-2026-20015

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may impact the availability of services to devices elsewhere in the network. This...

5.8 CVSS | 0.00303 EPSS
Exploits 0 | References 1

ATTACKERKB
added 2026/03/04 5:22 p.m. | 4 views

CVE-2026-20049

A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv2) IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause...

7.7 CVSS | 6 AI score | 0.00292 EPSS
Exploits 0 | References 2 | Affected Software 2

Positive Technologies
added 2026/03/04 12:0 a.m. | 6 views

PT-2026-22973

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may impact the availability of services to devices elsewhere in the network. This...

5.8 CVSS | 6 AI score | 0.00303 EPSS
Exploits 0 | References 1

VulnCheck KEV
added 2025/12/19 12:0 a.m. | 5 views

VulnCheck KEV: CVE-2025-14733

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability...

9.8 CVSS | 6.1 AI score | 0.18047 EPSS
In wild | Exploits 1 | References 8

EUVD
added 2025/12/05 12:31 a.m. | 4 views

EUVD-2025-201298

A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability affects Fireware O...

8.7 CVSS | 6.5 AI score | 0.00414 EPSS
Exploits 0 | References 2

OSV
added 2025/12/04 10:15 p.m. | 5 views

CVE-2025-11838

A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability affects Fireware O...

7.5 CVSS | 5.7 AI score | 0.00414 EPSS
Exploits 0 | References 1

Brave Browser
added 2025/12/02 12:34 a.m. | 10 views

Brave Desktop 1.85.111 Security Fixes

Improved IKEv2 VPN configuration parameters on Windows. - Enabled WASM Interpreter when JIT is disabled. Upgraded Chromium to 143.0.7499.40 — refer to Google Chrome advisories for inherited CVEs...

5.8 AI score
Exploits 0 | References 3 | Affected Software 1

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2025-24877

Malicious code in bioql PyPI...

5.8 CVSS | 6.5 AI score | 0.00382 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/09/19 8:21 a.m. | 4 views

CVE-2025-9242

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability...

9.3 CVSS | 7.7 AI score | 0.8637 EPSS
Exploits 2 | References 1

Vulnrichment
added 2025/09/17 7:29 a.m. | 3 views

CVE-2025-9242 WatchGuard Firebox iked Out of Bounds Write Vulnerability

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability...

9.3 CVSS | 7.3 AI score | 0.8637 EPSS
Exploits 2 | References 1

OSV
added 2025/05/07 6:15 p.m. | 1 views

CVE-2025-20182

A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of servi...

8.6 CVSS | 6.7 AI score | 0.0048 EPSS
Exploits 0 | References 1

RedHat Linux
added 2025/01/14 10:48 a.m. | 4 views

libreswan: Invalid IKEv2 REKEY proposal causes restart

An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALID_SPI is sent back. The notify payload's protocol ID is copied from...

6.5 CVSS | 5.8 AI score | 0.00691 EPSS
Exploits 0 | References 6

CNNVD
added 2025/01/09 12:0 a.m. | 4 views

SonicWALL SonicOS Security Vulnerability

SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS that stems from an integer buffer overflow vulnerability via IPSec, which can be exploited by remote attackers to cause a denial of...

9.8 CVSS | 7.9 AI score | 0.00786 EPSS
Exploits 0 | References 1