CVE-2026-20012

A vulnerability in the Internet Key Exchange version 2 IKEv2 feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance ASA Software, and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a...

CVE-2026-20014

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, remote attacker with valid VPN user credentials to cause a DoS condition on an affected device that may also impact the availability of services to devices...

CVE-2026-20013

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may also impact the availability of services to devices elsewhere in the network. This...

EUVD-2015-0655

Malware in sbrugna...

EUVD-2013-6270

Malware in sbrugna...

EUVD-2015-0656

Malware in sbrugna...

EUVD-2012-4941

Malware in sbrugna...

EUVD-2021-6891

Malicious code in bioql PyPI...

CVE-2021-1424

A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software StarOS could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 IKEv2 packets. An attacker...

Cisco IOS XR Denial of Service Vulnerability (CNVD-2025-15800)

Cisco IOS XR is an operating system developed by the American company Cisco for its network devices. A denial of service vulnerability exists in Cisco IOS XR. The vulnerability stems from the incorrect handling of malformed IKEv2 packets. An attacker could exploit the vulnerability to cause a...

The Bug Report - May 2023 Edition

The Bug Report – May 2023 Edition By Mark Bereza · June 7, 2023 Why am I here? In the film The Number 23, Jim Carrey masterfully portrays Walter Sparrow, a man who finds himself obsessed with the number 23 after coming upon a book detailing the 23 enigma, and begins to see it everywhere he looks,...

Libreswan Code Issues Vulnerabilities

Libreswan is an IPsec implementation similar to Openswan, which is mainly used to ensure security, integrity issues in data transmission. A code issue vulnerability exists in Libreswan versions prior to 3.28, which can be exploited by an attacker to cause a null pointer dereference by sending two...

EUVD-2017-3810

A vulnerability in the Internet Key Exchange Version 2 IKEv2 module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of servi...

CVE-2015-0643

Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service memory consumption and device reload by...

CVE-2015-0642

Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service device reload by sending malformed IKEv2...

Code injection

Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service device reload by sending malformed IKEv2...

CVE-2015-0642

Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service device reload by sending malformed IKEv2...

CVE-2014-2037

Openswan 2.6.40 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon restart via IKEv2 packets that lack expected payloads. NOTE: this vulnerability exists because of an incomplete fix for CVE 2013-6466...

Null pointer dereference

Openswan 2.6.40 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon restart via IKEv2 packets that lack expected payloads. NOTE: this vulnerability exists because of an incomplete fix for CVE 2013-6466...

CVE-2014-2037

OpenSwan 2.6.40 is affected by CVE-2014-2037. The vulnerability allows remote attackers to cause a denial of service via IKEv2 packets that lack expected payloads, leading to a NULL pointer dereference and a restart of the IKE daemon. The issue is noted as stemming from an incomplete fix for CVE-...