Lucene search
K

303 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/03 3:15 p.m.4 views

CVE-2026-23440

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix race condition during IPSec ESN update In IPSec full offload mode, the device reports an ESN Extended Sequence Number wrap event to the driver. The driver validates this event by querying the IPSec ASO and checking...

5.7AI score0.00206EPSS
Exploits0References6Affected Software1
Snyk
Snyk
added 2026/04/03 4:2 a.m.3 views

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...

7.5CVSS5.9AI score0.00121EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/03 4:2 a.m.8 views

Antrea has Missing Encryption of Sensitive Data

Impact This is a missing encryption vulnerability CWE-311 affecting inter-Node Pod traffic. In Antrea clusters configured for dual-stack networking with IPsec encryption enabled trafficEncryptionMode: ipsec, Antrea fails to apply encryption for IPv6 Pod traffic. While the IPv4 traffic is correctl...

7.5CVSS5.8AI score0.00121EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30135

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the handling of IPSec ESN Extended Sequence Number wrap events in the mlx5e driver when operating in IPSec full offload mode. After validating an ESN event, th...

9.8CVSS6AI score0.00443EPSS
Exploits0References483
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from race conditions in the processing of IPSec ESN updates, potentially leading to inconsistent states...

7.5CVSS5.8AI score0.00206EPSS
Exploits0References5
CVE
CVE
added 2026/04/02 2:46 p.m.10 views

CVE-2026-34820

Endian Firewall

6.4CVSS5.9AI score0.00138EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.6 views

Siemens APE1808 Integer Overflow or Wraparound (CVE-2024-46669)

AnInteger Overflow or Wraparound vulnerability in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated attacker to crash the IPsec tunnel via crafted requests, resulting in potential denial of service. This plugin...

6.5CVSS5.9AI score0.00583EPSS
Exploits0References3
Fedora
Fedora
added 2026/03/13 1:0 a.m.4 views

[SECURITY] Fedora 42 Update: strongswan-6.0.4-2.fc42

The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel...

8.1CVSS5.7AI score0.00879EPSS
Exploits0
NVD
NVD
added 2026/03/04 6:16 p.m.8 views

CVE-2026-20049

A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to cause...

7.7CVSS0.00292EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.8 views

Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏洞

Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are products of Cisco, a US company. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software. Cisco Secure Firewall Threat Defense is an integrated firewall platform. Both...

7.7CVSS5.8AI score0.00292EPSS
Exploits0References2
Arista
Arista
added 2026/02/17 12:0 a.m.32 views

Security Advisory 0134

Security Advisory 0134 PDF Date: February 17, 2026 Revision | Date | Changes ---|---|--- 1.0 | February 17, 2026 | Initial release The CVE-ID tracking this issue: CVE-2026-2379 CVSSv3.1 Base Score: 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Common Weakness Enumeration: CWE-672: Operation on...

8.2CVSS5.4AI score0.00226EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/01/26 10:4 a.m.17 views

CVE-2025-59097

The CVE-2025-59097 issue affects the dormakaba exos 9300 configuration GUI used to push configurations to Access Managers (e.g., 92xx, 9230, 9290). When the user saves a configuration, the SOAP payload is sent to the selected Access Manager without authentication or authorization by default. Whil...

9.3CVSS5.9AI score0.00523EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-21674)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21674 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix inversion dependency...

5.5CVSS5.3AI score0.00173EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001390)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001390 advisory. The Linux kernel before 5.11.14 has a use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is...

7.8CVSS6.8AI score0.00571EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004177)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004177 advisory. A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic...

7.5CVSS6.4AI score0.02404EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002300)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002300 advisory. The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended...

5CVSS7.9AI score0.04144EPSS
Exploits2References18
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001688)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001688 advisory. A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user...

7.8CVSS6.9AI score0.05524EPSS
Exploits2References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ixgbevf: Fixed compatibility issues with the mailbox API by negotiating supported features. There was backward compatibility regarding the mailbox API. Various drivers from different operating systems that support 10G adapters...

6AI score0.00183EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 10:3 a.m.9 views

CVE-2011-0841

Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to TCP/IP...

7.8CVSS6.5AI score0.0126EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/16 3:30 p.m.4 views

EUVD-2025-203704

In the Linux kernel, the following vulnerability has been resolved: net: usb: qmiwwan: initialize MAC header offset in qmimuxrxfixup Raw IP packets have no MAC header, leaving skb-macheader uninitialized. This can trigger kernel panics on ARM64 when xfrm or other subsystems access the offset due ...

6AI score0.00177EPSS
Exploits0References9
Rows per page
Query Builder