577 matches found
CVE-2021-1424
A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software StarOS could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 IKEv2 packets. An attacker...
CVE-2025-20182
A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of servi...
CVE-2025-20182 Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software and IOS XE Software IKEv2 Denial of Service Vulnerability
A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of servi...
CVE-2025-20182 Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software and IOS XE Software IKEv2 Denial of Service Vulnerability
A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of servi...
CVE-2025-20182
The CVE-2025-20182 entry describes a DoS vulnerability in IKEv2 message processing affecting Cisco ASA, FTD, IOS, and IOS XE. The root cause is insufficient input validation when handling IKEv2 traffic, which could allow an unauthenticated remote attacker to force a device reload and thus a DoS c...
Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IKEv2 Denial of Service Vulnerability
A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of servi...
PT-2025-20257 · Cisco · Cisco Ftd +3
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Cisco IOS Software affected versions not specified Cisco IOS XE Software affected...
Cisco IOS XR Denial of Service Vulnerability (CNVD-2025-15800)
Cisco IOS XR is an operating system developed by the American company Cisco for its network devices. A denial of service vulnerability exists in Cisco IOS XR. The vulnerability stems from the incorrect handling of malformed IKEv2 packets. An attacker could exploit the vulnerability to cause a...
CVE-2025-20209
A vulnerability in the Internet Key Exchange version 2 IKEv2 function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets. This vulnerability is due to improper handling of malformed IKEv2 packets. An...
CVE-2025-20209
A vulnerability in the Internet Key Exchange version 2 IKEv2 function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets. This vulnerability is due to improper handling of malformed IKEv2 packets. An...
CVE-2025-20209
CVE-2025-20209 describes a denial-of-service vulnerability in Cisco IOS XR’s Internet Key Exchange version 2 (IKEv2) handling. The issue arises from improper processing of malformed IKEv2 packets, which could allow an unauthenticated, remote attacker to prevent the device from processing any cont...
PT-2025-11104 · Cisco · Cisco Ios Xr
Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the Internet Key Exchange version 2 IKEv2 function could allow an unauthenticated, remote attacker to prevent an affected device from processing any control...
Linux Distros Unpatched Vulnerability : CVE-2024-2357
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use...
Linux Distros Unpatched Vulnerability : CVE-2023-38710
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify...
CVE-2020-11291
Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IO...
CVE-2024-20426
A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol for VPN termination of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected...
Moderate: Red Hat Security Advisory: libreswan security update
An update for libreswan is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
Unspecified Vulnerability in SonicWall SonicOS (CNVD-2025-01662)
SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS that stems from an integer buffer overflow vulnerability via IPSec, which can be exploited by remote attackers to cause a denial of...
CVE-2024-40765
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service DoS and potentially execute arbitrary code by sending a specially crafted IKEv2 payload...
CVE-2024-40765
Summary: CVE-2024-40765 is an integer-based buffer overflow vulnerability in SonicOS’s IPSec implementation that can be triggered by a crafted IKEv2 payload to cause DoS and potentially arbitrary code execution. Affected software: SonicOS (SonicWall appliances) with IPSec/IKEv2 processing describ...