CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the...

3.5CVSS5.4AI score0.00155EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 12:32 a.m.•5 views

CVE-2013-5473

Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through 3.4.5S; and IOS XE 3.6.xS before 3.6.1S allows remote attackers to cause a denial of service memory consumption or device reload via malformed IKEv1 packets, aka Bug ID CSCtx66011...

7.8CVSS6.9AI score0.00427EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 10:3 p.m.•3 views

CVE-2006-0718

The Internet Key Exchange version 1 IKEv1 implementation in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000, when running IPSec, allows remote attackers to cause a denial of service crash via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of...

10CVSS6.8AI score0.02583EPSS

Exploits0References1

Vulnrichment•added 2023/05/28 12:0 a.m.•4 views

CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

6.8AI score0.00185EPSS

Exploits0References1

OSV•added 2022/01/25 12:13 p.m.•5 views

MGASA-2022-0030 Updated libreswan packages fix security vulnerability

Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. CVE-2022-23094...

7.5CVSS7.3AI score0.01479EPSS

Exploits1References5

OSV•added 2020/05/15 3:48 p.m.•1 views

MGASA-2020-0215 Updated libreswan packages fix security vulnerability

Updated libreswan packages fix security vulnerability: An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan. An unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the...

7.5CVSS7.5AI score0.05681EPSS

Exploits0References4

CVE•added 2016/10/05 5:0 p.m.•66 views

CVE-2016-6381

CVE-2016-6381 affects Cisco IOS and IOS XE software's IKEv1 fragmentation handling. The issue allows unauthenticated, remote attackers to cause a denial of service by exhausting memory or triggering a device reload through specially crafted fragmented IKEv1 packets. Affected versions include IOS ...

7.5CVSS7.3AI score0.01252EPSS

Exploits0References3Affected Software6

Cvelist•added 2016/10/05 5:0 p.m.•15 views

CVE-2016-6381

Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.18 and 16.1 allow remote attackers to cause a denial of service memory consumption or device reload via fragmented IKEv1 packets, aka Bug ID CSCuy47382...

7.4AI score0.01252EPSS

Exploits0References3

Prion•added 2013/09/27 10:8 a.m.•13 views

Memory corruption

7.8CVSS7.2AI score0.00427EPSS

Exploits0References1Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by