Lucene search
+L

2012 matches found

NVD
NVD
added 3 days ago3 views

CVE-2026-50696

Heap-based buffer overflow in Windows Internet Key Exchange IKE Protocol allows an unauthorized attacker to deny service over a network...

7.5CVSS0.00834EPSS
Exploits0References1
CVE
CVE
added 3 days ago8 views

CVE-2026-50696

CVE-2026-50696 is a heap-based buffer overflow in the Windows Internet Key Exchange (IKE) Protocol that allows an unauthenticated, network-based attacker to cause a denial of service. The vulnerability is documented across several sources (NVD and CVE records), with a CVSS v3.1 base score of 7.5 ...

7.5CVSS6.2AI score0.00834EPSS
Exploits0References1Affected Software9
Cvelist
Cvelist
added 3 days ago20 views

CVE-2026-50696 Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability

...

7.5CVSS0.00834EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 3 days ago4 views

Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability

Heap-based buffer overflow in Windows Internet Key Exchange IKE Protocol allows an unauthorized attacker to deny service over a network...

7.5CVSS6.2AI score0.00834EPSS
Exploits0
RedhatCVE
RedhatCVE
added 3 days ago9 views

CVE-2026-50722

A flaw was found in Libreswan's implementation of IKEv2 authentication when processing signatures utilizing the RSASSA-PKCS1-v15 scheme. The RSAauthenticatehashsignaturepkcs115rsa function does not correctly validate the DER encoding of the ASN.1 digest. A remote, unauthenticated attacker could...

8.1CVSS6.1AI score0.00352EPSS
Exploits0References7
OSV
OSV
added 2026/07/09 12:50 p.m.2 views

OESA-2026-2910 libreswan security update

Libreswan is an implementation of IKEv1 and IKEv2 for IPsec. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...

8.1CVSS6.5AI score0.00597EPSS
Exploits0References4
OSV
OSV
added 2026/07/09 12:50 p.m.2 views

OESA-2026-2909 libreswan security update

Libreswan is an implementation of IKEv1 and IKEv2 for IPsec. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...

8.1CVSS6.5AI score0.00597EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/07/09 8:3 a.m.7 views

Pion DTLS: Denial of service via panic while parsing a crafted ECDHE_PSK ServerKeyExchange message

...

6.3CVSS6.1AI score0.0032EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.7 views

Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IKEv2 DoS (cisco-sa-multiprod-ikev2-dos-gPctUqv2)

According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability. - A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and...

8.6CVSS6.9AI score0.0048EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.8 views

Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IKEv2 DoS (cisco-sa-multiprod-ikev2-dos-gPctUqv2)

According to its self-reported version, Cisco IOS Software is affected by a vulnerability. - A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cis...

8.6CVSS6.9AI score0.0048EPSS
Exploits0References5
OSV
OSV
added 2026/07/07 12:35 p.m.2 views

OPENSUSE-SU-2026:21247-1 Security update for docker-compose

This update for docker-compose fixes the following issues - CVE-2025-0495: buildx: credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration bsc1239766. - CVE-2025-22869: golang.org/x/crypto/ssh: Denial of Service in the...

9.6CVSS6.8AI score0.00868EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2026/07/04 8:3 a.m.5 views

IKEv2 Denial of Service via malformed fragmentation

...

7.5CVSS6.1AI score0.00597EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/07/04 8:3 a.m.5 views

IKEv2 Denial of Service via RSA-SHA1 (PKCS#1 RSASSA-PKCS1-v1_5) authentication payload

...

8.1CVSS6.1AI score0.00352EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/07/04 8:3 a.m.4 views

IKEv1 Denial of Service via RSA-SHA1 (PKCS#1 Version 1.5 Encrypted) authentication payload

...

8.1CVSS6.1AI score0.00392EPSS
Exploits0
EUVD
EUVD
added 2026/07/03 12:31 a.m.8 views

EUVD-2026-41456

WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code in the context of the iked process on Fireboxes that...

9.2CVSS6.2AI score0.00646EPSS
Exploits0References2
NVD
NVD
added 2026/07/03 12:16 a.m.10 views

CVE-2026-13368

WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code in the context of the iked process on Fireboxes that...

9.2CVSS0.00646EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 11:6 p.m.42 views

CVE-2026-13084 Null Pointer Dereference in WatchGuard Fireware OS iked Process

A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service DoS condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using...

8.7CVSS0.00495EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 11:6 p.m.13 views

CVE-2026-13084

A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service DoS condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using...

8.7CVSS5.8AI score0.00495EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/02 11:6 p.m.24 views

CVE-2026-13084

CVE-2026-13084 is a null pointer dereference in WatchGuard Fireware OS iked process that enables remote unauthenticated DoS via specially crafted IKEv2 messages. Affected are Fireware OS versions 11.10.2–11.12.4_Update1, 12.0–12.12, and 2025.1–2026.2; impact is high (CVSS 8.7) with network attack...

8.7CVSS5.8AI score0.00495EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 11:6 p.m.46 views

CVE-2026-13368 WatchGuard Firebox Race Condition and Use-After-Free in Mobile VPN with IKEv2 LDAP Authentication

WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code in the context of the iked process on Fireboxes that...

9.2CVSS0.00646EPSS
Exploits0References1
Rows per page
Query Builder