Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.8 views

RockyLinux 8 : libreswan (RLSA-2023:7052)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:7052 advisory. libreswan: Invalid IKEv2 REKEY proposal causes restart CVE-2023-38710 libreswan: Invalid IKEv1 Quick Mode ID causes restart CVE-2023-38711 libreswan:...

6.5CVSS6.6AI score0.00691EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2026/01/14 12:0 a.m.5 views

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2026-1093)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.1CVSS6.7AI score0.00375EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/01/14 12:0 a.m.5 views

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2026-1031)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.1CVSS6.7AI score0.00375EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/17 12:0 a.m.5 views

PT-2025-47207

Name of the Vulnerable Software and Affected Versions IBM Storage Virtualize versions 8.4 through 9.1 Description The IKEv1 implementation contains a flaw that could allow remote attackers to obtain sensitive information from device memory during a Security Association SA negotiation request...

7.5CVSS6.4AI score0.00315EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-7644

Malware in sbrugna...

5.9CVSS7.7AI score0.05031EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-9478

Malware in sbrugna...

5.9CVSS6.9AI score0.02015EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2021-2752

Malicious code in bioql PyPI...

8.1CVSS8AI score0.0085EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-8277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory durin...

3.1CVSS6.3AI score0.00375EPSS
Exploits0References3
CVE
CVE
added 2025/08/06 8:48 a.m.46 views

CVE-2025-8556

CVE-2025-8556 affects CIRCL’s FourQ elliptic-curve implementation used in session Diffie-Hellman. The issue permits low-order point injection and incorrect point validation, weakening Diffie-Hellman key exchange and session security. Public details document a CVSS v3.1 base score of 3.7 (Low) wit...

3.7CVSS6.6AI score0.00452EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/03/25 8:36 p.m.4 views

golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh

A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange...

7.5CVSS7.1AI score0.00868EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/11/12 12:0 a.m.7 views

PT-2022-27425 · Simplexmq +1 · Simplexmq +1

Name of the Vulnerable Software and Affected Versions: SimpleXMQ versions prior to 3.4.0 SimpleX Chat versions prior to 4.2 Description: The issue occurs in the X3DH key exchange for the double ratchet protocol, where a key derivation function is not applied to intended data. This can interfere...

5.3CVSS5.2AI score0.00582EPSS
Exploits1References7
OSV
OSV
added 2021/06/09 8:15 p.m.3 views

CVE-2021-0133

Key exchange without entity authentication in the IntelR Security Library before version 3.3 may allow an authenticated user to potentially enable escalation of privilege via network access...

8.1CVSS5.8AI score0.0085EPSS
Exploits0References1
OSV
OSV
added 2016/11/17 12:0 a.m.4 views

UBUNTU-CVE-2016-8635

It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group...

5.9CVSS6.8AI score0.02015EPSS
Exploits0References3
OSV
OSV
added 2015/01/09 2:59 a.m.4 views

DEBIAN-CVE-2014-3572

The ssl3getkeyexchange function in s3clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message...

5CVSS6.3AI score0.06574EPSS
Exploits0References1
securityvulns
securityvulns
added 2004/08/27 12:0 a.m.42 views

ISS Protection Brief: Entrust Libkmp Library Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Protection Brief August 26, 2004 Entrust LibKmp Library Buffer Overflow Summary: ISS X-Force has discovered a flaw in the Entrust LibKmp ISAKMP library. This library is used by multiple VPN vendors to facilitate IKE key exchange for...

0.1AI score
Exploits0
Rows per page
Query Builder