Lucene search
K

649 matches found

EUVD
EUVD
added 4 days ago6 views

EUVD-2026-41456

WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code in the context of the iked process on Fireboxes that...

9.2CVSS6.2AI score0.00588EPSS
Exploits0References2
NVD
NVD
added 4 days ago9 views

CVE-2026-13368

WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code in the context of the iked process on Fireboxes that...

9.2CVSS0.00588EPSS
Exploits0References1
CVE
CVE
added 5 days ago16 views

CVE-2026-13084

CVE-2026-13084 is a null pointer dereference in WatchGuard Fireware OS iked process that enables remote unauthenticated DoS via specially crafted IKEv2 messages. Affected are Fireware OS versions 11.10.2–11.12.4_Update1, 12.0–12.12, and 2025.1–2026.2; impact is high (CVSS 8.7) with network attack...

8.7CVSS5.8AI score0.00495EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago43 views

CVE-2026-13368 WatchGuard Firebox Race Condition and Use-After-Free in Mobile VPN with IKEv2 LDAP Authentication

WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code in the context of the iked process on Fireboxes that...

9.2CVSS0.00588EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago9 views

CVE-2026-13368

WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code in the context of the iked process on Fireboxes that...

9.2CVSS6.2AI score0.00588EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago62 views

CVE-2026-13368

WatchGuard Fireware OS contains a race condition that leads to a use-after-free in LDAP authentication for Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this to execute arbitrary code in the iked process on Fireboxes configured to use an external LDAP authentication ...

9.2CVSS6.2AI score0.00588EPSS
Exploits0References1
NVD
NVD
added 5 days ago8 views

CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS0.0033EPSS
Exploits0References4
Cvelist
Cvelist
added 5 days ago26 views

CVE-2026-50721 IKEv1 Denial of Service via RSA-SHA1 (PKCS#1 Version 1.5 Encrypted) authentication payload

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

8.1CVSS0.00367EPSS
Exploits0References4
CVE
CVE
added 5 days ago13 views

CVE-2026-50722

Libreswan is affected by CVE-2026-50722 through RSA_authenticate_hash_signature_pkcs1_1_5_rsa, which fails to properly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload uses RSASSA-PKCS1-v1_5 (RFC 8017). This enables a remote attacker to perform a Bleichenbacher-like variati...

8.1CVSS6.3AI score0.0033EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.3AI score0.00367EPSS
Exploits0References5
Cvelist
Cvelist
added 5 days ago25 views

CVE-2026-12413 IKEv2 Denial of Service via malformed fragmentation

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS0.00597EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2026-12413

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS6.4AI score0.00597EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 5 days ago10 views

PT-2026-55314

Name of the Vulnerable Software and Affected Versions Libreswan affected versions not specified Description An invalidly formatted IKEv2 fragment can cause the pluto daemon to crash and restart, leading to a denial of service. The issue occurs within the reassemble v2 incoming fragments function,...

7.5CVSS6.4AI score0.00597EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.14 views

WatchGuard FireboxV LDAP Race Condition

WatchGuard FireboxV with firmware version 12.11.6 Build B728370 suffers from a race condition in rscryptosetupldapserver libpkicli.so that allows two concurrently-processed IKEv1 Aggressive Mode packets to trigger a double-free and use-after-Free on the global LDAP connection handle. The research...

5.5AI score
Exploits0
EUVD
EUVD
added 2026/06/08 11:7 a.m.15 views

EUVD-2026-35047

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...

9.3CVSS5.9AI score0.70099EPSS
Exploits5References1
EUVD
EUVD
added 2026/06/08 11:0 a.m.13 views

EUVD-2026-35046

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could all...

7.4CVSS5.8AI score0.04859EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/08 11:0 a.m.10 views

CVE-2026-50752 Certificate Validation Bypass in VPN Site-to-Site Connections Using IKEv1

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could all...

7.4CVSS5.5AI score0.04859EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

Check Point Quantum Security Gateway 授权问题漏洞

Check Point Quantum Security Gateway is a series of enterprise-level security gateway devices developed by the Israeli company Check Point. The Check Point Quantum Security Gateway has an authorization issue vulnerability, which stems from a defect in the certificate verification logic process...

9.3CVSS5.8AI score0.70099EPSS
Exploits5References2
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/08 12:0 a.m.12 views

Check Point Security Gateway Improper Authentication Vulnerability

Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...

9.3CVSS5.9AI score0.70099EPSS
In wildExploits5
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.12 views

CVE-2026-48132

The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used 4500/UDP. As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service temporary interruption of VPN...

8.1CVSS5.8AI score0.02139EPSS
Exploits0References1
Rows per page
Query Builder