2012 matches found
CVE-2026-50696
Heap-based buffer overflow in Windows Internet Key Exchange IKE Protocol allows an unauthorized attacker to deny service over a network...
CVE-2026-50696
CVE-2026-50696 is a heap-based buffer overflow in the Windows Internet Key Exchange (IKE) Protocol that allows an unauthenticated, network-based attacker to cause a denial of service. The vulnerability is documented across several sources (NVD and CVE records), with a CVSS v3.1 base score of 7.5 ...
CVE-2026-50696 Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability
...
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability
Heap-based buffer overflow in Windows Internet Key Exchange IKE Protocol allows an unauthorized attacker to deny service over a network...
CVE-2026-50722
A flaw was found in Libreswan's implementation of IKEv2 authentication when processing signatures utilizing the RSASSA-PKCS1-v15 scheme. The RSAauthenticatehashsignaturepkcs115rsa function does not correctly validate the DER encoding of the ASN.1 digest. A remote, unauthenticated attacker could...
OESA-2026-2910 libreswan security update
Libreswan is an implementation of IKEv1 and IKEv2 for IPsec. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...
OESA-2026-2909 libreswan security update
Libreswan is an implementation of IKEv1 and IKEv2 for IPsec. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...
Pion DTLS: Denial of service via panic while parsing a crafted ECDHE_PSK ServerKeyExchange message
...
Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IKEv2 DoS (cisco-sa-multiprod-ikev2-dos-gPctUqv2)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability. - A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and...
Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IKEv2 DoS (cisco-sa-multiprod-ikev2-dos-gPctUqv2)
According to its self-reported version, Cisco IOS Software is affected by a vulnerability. - A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cis...
OPENSUSE-SU-2026:21247-1 Security update for docker-compose
This update for docker-compose fixes the following issues - CVE-2025-0495: buildx: credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration bsc1239766. - CVE-2025-22869: golang.org/x/crypto/ssh: Denial of Service in the...
IKEv2 Denial of Service via malformed fragmentation
...
IKEv2 Denial of Service via RSA-SHA1 (PKCS#1 RSASSA-PKCS1-v1_5) authentication payload
...
IKEv1 Denial of Service via RSA-SHA1 (PKCS#1 Version 1.5 Encrypted) authentication payload
...
EUVD-2026-41456
WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code in the context of the iked process on Fireboxes that...
CVE-2026-13368
WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code in the context of the iked process on Fireboxes that...
CVE-2026-13084 Null Pointer Dereference in WatchGuard Fireware OS iked Process
A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service DoS condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using...
CVE-2026-13084
A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service DoS condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using...
CVE-2026-13084
CVE-2026-13084 is a null pointer dereference in WatchGuard Fireware OS iked process that enables remote unauthenticated DoS via specially crafted IKEv2 messages. Affected are Fireware OS versions 11.10.2–11.12.4_Update1, 12.0–12.12, and 2025.1–2026.2; impact is high (CVSS 8.7) with network attack...
CVE-2026-13368 WatchGuard Firebox Race Condition and Use-After-Free in Mobile VPN with IKEv2 LDAP Authentication
WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code in the context of the iked process on Fireboxes that...