Lucene search
K

485 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/25 4:18 p.m.5 views

CVE-2026-20010

A vulnerability in the Link Layer Discovery Protocol LLDP feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of specific...

7.4CVSS5.5AI score0.00167EPSS
Exploits0References2Affected Software3
Vulnrichment
Vulnrichment
added 2026/02/25 4:18 p.m.3 views

CVE-2026-20010 Cisco Nexus 3000 and 9000 Series Switches Link Layer Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Link Layer Discovery Protocol LLDP feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of specific...

7.4CVSS5.5AI score0.00167EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/25 4:14 p.m.4 views

CVE-2026-20051

A vulnerability with the Ethernet VPN EVPN Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, adjacent attacker to trigger a Layer 2 traffic loop. This vulnerability is due to a logic error when...

7.4CVSS5.6AI score0.00156EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/02/25 4:14 p.m.24 views

CVE-2026-20051 Cisco Nexus 3600-R and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability

A vulnerability with the Ethernet VPN EVPN Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, adjacent attacker to trigger a Layer 2 traffic loop. This vulnerability is due to a logic error when...

7.4CVSS0.00156EPSS
Exploits0References1
CVE
CVE
added 2026/02/25 4:14 p.m.28 views

CVE-2026-20051

Summary: CVE-2026-20051 affects Cisco Nexus 3600 Series switches and Nexus 9500-R Series platforms, where a logic error in Ethernet VPN (EVPN) Layer 2 ingress packet processing can be triggered by a crafted Layer 2 frame. An unauthenticated, adjacent attacker could induce a Layer 2 traffic loop t...

7.4CVSS5.6AI score0.00156EPSS
Exploits0References1
OSV
OSV
added 2026/02/18 10:30 a.m.7 views

OSEC-2026-02 ARP unbounded memory usage

Background Mirage's implementation of the ARP protocol RFC826 caches ARP replies to construct an IPv4 address - MAC address cache. This cache is long-lived effectively global, and also contains pending ARP requests, which are replaced by the reply, or deleted after a timeout. ARP replies that do...

7.4CVSS6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-23120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - l2tp: avoid one data-race in l2tptunneldelwork We should read sk-sksocket only when dealing with kernel sockets. syzbot reported the following data-race: BUG:...

5.5CVSS6.2AI score0.00114EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/02/14 3:9 p.m.2 views

CVE-2026-23120

In the Linux kernel, the following vulnerability has been resolved: l2tp: avoid one data-race in l2tptunneldelwork We should read sk-sksocket only when dealing with kernel sockets. syzbot reported the following data-race: BUG: KCSAN: data-race in l2tptunneldelwork / skcommonrelease write to...

5.5CVSS5.2AI score0.00114EPSS
Exploits0
Cvelist
Cvelist
added 2026/02/14 3:9 p.m.30 views

CVE-2026-23120 l2tp: avoid one data-race in l2tp_tunnel_del_work()

In the Linux kernel, the following vulnerability has been resolved: l2tp: avoid one data-race in l2tptunneldelwork We should read sk-sksocket only when dealing with kernel sockets. syzbot reported the following data-race: BUG: KCSAN: data-race in l2tptunneldelwork / skcommonrelease write to...

0.00114EPSS
Exploits0References7
OSV
OSV
added 2026/02/14 3:9 p.m.4 views

CVE-2026-23120 l2tp: avoid one data-race in l2tp_tunnel_del_work()

In the Linux kernel, the following vulnerability has been resolved: l2tp: avoid one data-race in l2tptunneldelwork We should read sk-sksocket only when dealing with kernel sockets. syzbot reported the following data-race: BUG: KCSAN: data-race in l2tptunneldelwork / skcommonrelease write to...

5.5CVSS5.2AI score0.00114EPSS
Exploits0References10
Metasploit
Metasploit
added 2026/02/13 6:59 p.m.507 views

FreeBSD rtsold/rtsol DNSSL Command Injection

This module exploits a command injection vulnerability CVE-2025-14558 in FreeBSD's rtsol8 and rtsold8 programs. These programs do not validate the domain search list options provided in IPv6 Router Advertisement messages; the option body is passed to resolvconf8 unmodified. resolvconf8 is a shell...

7.2CVSS5.5AI score0.06272EPSS
Exploits7
RedhatCVE
RedhatCVE
added 2026/02/04 7:27 p.m.5 views

CVE-2026-0620

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS5.3AI score0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/04 4:7 p.m.33 views

CVE-2026-23072 l2tp: Fix memleak in l2tp_udp_encap_recv().

In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tpudpencaprecv. syzbot reported memleak of struct l2tpsession, l2tptunnel, sock, etc. 0 The cited commit moved down the validation of the protocol version in l2tpudpencaprecv. The new place requires an extr...

0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/02/03 7:16 p.m.15 views

CVE-2026-0620

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS0.00247EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/03 6:5 p.m.3 views

CVE-2026-0620

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS5.3AI score0.00247EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/03 6:5 p.m.7 views

EUVD-2026-5210

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS5.3AI score0.00247EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/03 6:5 p.m.28 views

CVE-2026-0620 L2TP over IPSec Encryption Failure on ArcherAXE75

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS0.00247EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/03 6:5 p.m.3 views

CVE-2026-0620 L2TP over IPSec Encryption Failure on ArcherAXE75

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS5.3AI score0.00247EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.8 views

TP-LINK Archer AXE75 安全漏洞

The TP-LINK Archer AXE75 is a wireless router produced by TP-LINK Corporation. The TP-Link Archer AXE75 V1 has a security vulnerability. This vulnerability arises when it is configured as a L2TP/IPSec VPN server. Even if IPSec is enabled, it may still accept L2TP connections that are not protecte...

6CVSS5.8AI score0.00247EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.7 views

PT-2026-6013

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS5.4AI score0.00247EPSS
Exploits0References4
Rows per page
Query Builder