Lucene search
+L

577 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:14 p.m.6 views

CVE-2021-1424

A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software StarOS could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 IKEv2 packets. An attacker...

5.3CVSS7.1AI score0.00778EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 6:15 p.m.11 views

CVE-2025-20182

A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of servi...

8.6CVSS0.0048EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 5:18 p.m.19 views

CVE-2025-20182 Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software and IOS XE Software IKEv2 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of servi...

8.6CVSS8.5AI score0.0048EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/07 5:18 p.m.23 views

CVE-2025-20182 Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software and IOS XE Software IKEv2 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of servi...

8.6CVSS0.0048EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 5:18 p.m.89 views

CVE-2025-20182

The CVE-2025-20182 entry describes a DoS vulnerability in IKEv2 message processing affecting Cisco ASA, FTD, IOS, and IOS XE. The root cause is insufficient input validation when handling IKEv2 traffic, which could allow an unauthenticated remote attacker to force a device reload and thus a DoS c...

8.6CVSS8.5AI score0.0048EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2025/05/07 4:0 p.m.18 views

Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IKEv2 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of servi...

8.6CVSS8.5AI score0.0048EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.8 views

PT-2025-20257 · Cisco · Cisco Ftd +3

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Cisco IOS Software affected versions not specified Cisco IOS XE Software affected...

8.6CVSS6.6AI score0.0048EPSS
Exploits0References3
CNVD
CNVD
added 2025/03/20 12:0 a.m.2 views

Cisco IOS XR Denial of Service Vulnerability (CNVD-2025-15800)

Cisco IOS XR is an operating system developed by the American company Cisco for its network devices. A denial of service vulnerability exists in Cisco IOS XR. The vulnerability stems from the incorrect handling of malformed IKEv2 packets. An attacker could exploit the vulnerability to cause a...

7.5CVSS6.9AI score0.00507EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/03/14 5:59 p.m.6 views

CVE-2025-20209

A vulnerability in the Internet Key Exchange version 2 IKEv2 function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets. This vulnerability is due to improper handling of malformed IKEv2 packets. An...

7.5CVSS7.1AI score0.00507EPSS
Exploits0References1
NVD
NVD
added 2025/03/12 4:15 p.m.11 views

CVE-2025-20209

A vulnerability in the Internet Key Exchange version 2 IKEv2 function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets. This vulnerability is due to improper handling of malformed IKEv2 packets. An...

7.5CVSS0.00507EPSS
Exploits0References2
CVE
CVE
added 2025/03/12 4:13 p.m.75 views

CVE-2025-20209

CVE-2025-20209 describes a denial-of-service vulnerability in Cisco IOS XR’s Internet Key Exchange version 2 (IKEv2) handling. The issue arises from improper processing of malformed IKEv2 packets, which could allow an unauthenticated, remote attacker to prevent the device from processing any cont...

7.5CVSS7.4AI score0.00507EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/03/12 12:0 a.m.5 views

PT-2025-11104 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the Internet Key Exchange version 2 IKEv2 function could allow an unauthenticated, remote attacker to prevent an affected device from processing any control...

7.8CVSS6.5AI score0.00507EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-2357

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use...

6.5CVSS5.8AI score0.00944EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-38710

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify...

6.5CVSS6.7AI score0.00691EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 2:10 p.m.13 views

CVE-2020-11291

Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IO...

10CVSS7.6AI score0.00937EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:17 a.m.10 views

CVE-2024-20426

A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol for VPN termination of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected...

8.6CVSS7.2AI score0.00541EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/01/14 10:48 a.m.17 views

Moderate: Red Hat Security Advisory: libreswan security update

An update for libreswan is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

6.5CVSS6.6AI score0.00691EPSS
Exploits0References4
CNVD
CNVD
added 2025/01/10 12:0 a.m.6 views

Unspecified Vulnerability in SonicWall SonicOS (CNVD-2025-01662)

SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS that stems from an integer buffer overflow vulnerability via IPSec, which can be exploited by remote attackers to cause a denial of...

9.8CVSS8.4AI score0.008EPSS
Exploits0References1
NVD
NVD
added 2025/01/09 8:15 a.m.14 views

CVE-2024-40765

An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service DoS and potentially execute arbitrary code by sending a specially crafted IKEv2 payload...

9.8CVSS0.008EPSS
Exploits0References1
CVE
CVE
added 2025/01/09 7:12 a.m.60 views

CVE-2024-40765

Summary: CVE-2024-40765 is an integer-based buffer overflow vulnerability in SonicOS’s IPSec implementation that can be triggered by a crafted IKEv2 payload to cause DoS and potentially arbitrary code execution. Affected software: SonicOS (SonicWall appliances) with IPSec/IKEv2 processing describ...

9.8CVSS7.9AI score0.008EPSS
Exploits0References1
Rows per page
Query Builder