SUSE CVE-2026-45905

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...

CVE-2026-45905

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...

CVE-2026-45905

CVE-2026-45905 : In the Linux kernel, a race in icmp_route_lookup’s reverse path can cause an ICMP output path to select a LOCAL route due to a faulty call to ip_route_input(). Specifically, during reverse-path handling, ip_route_input() may receive fl4_dec.daddr as destination and return a LOCAL...

EUVD-2008-1342

Malware in sbrugna...

CVE-2023-2385

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been rated as problematic. This issue affects some unknown processing of the file scgi-bin/platform.cgi?page=ikepolicies.htm of the component Web Management Interface. The manipulation of the argument IpsecIKEPolicy.IKEPolicyName...

CVE-2023-47209

A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...

CVE-2023-47209

A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...

Command injection

A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...

CVE-2023-47209

A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...

The web interface of Netgear’s SRX5308 router software has vulnerabilities that allow attackers to carry out cross-site scripting attacks.

The vulnerability in the web interface for managing Netgear SRX5308 integrated software routers exists due to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to carry out a cross-site scripting attack by sending a specially crafted HTTP request usin...

CVE-2023-2385

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been rated as problematic. This issue affects some unknown processing of the file scgi-bin/platform.cgi?page=ikepolicies.htm of the component Web Management Interface. The manipulation of the argument IpsecIKEPolicy.IKEPolicyName...

Check over WMI if IPSec Policy used for Windows - Windows

The script detects over WMI if IPSec Policy used under Windows 2000 and XP. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

smb 0day network penetration and Defense-vulnerability warning-the black bar safety net

This smb 0day vulnerabilities out for a long time, since the bun work is too busy, has not bother to pay attention to it. The vulnerability affects vista, Windows 7 and windows 2 0 0 8, EXP now surely everyone on hand the others also have, it was tested can be very good to attack vista and 2 0 0 ...

Default configuration

Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions...

Design/Logic Flaw

The ipsec4getulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fastipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a...

CVE-2008-1335

CVE-2008-1335 affects NetBSD kernel (ipsec4_get_ulp) on 2.0–3.1 and NetBSD-current before 20071028 with fast_ipsec enabled, allowing remote attackers to bypass IPsec policy by sending packets from a source with different endianness than the destination. This is a separate vulnerability from CVE-2...