2808 matches found
CVE-2018-6916
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELEASE-p7, and 10.3-RELEASE-p28, the kernel does not properly validate IPsec packets coming from a trusted host. Additionally, a use-after-free vulnerability exists in the IPsec AH handling code. This issue could cause a system...
CVE-2018-6916
CVE-2018-6916 affects FreeBSD kernels prior to 11.1-STABLE/11.1-RELEASE-p7, 10.4-STABLE/10.4-RELEASE-p7, and 10.3-RELEASE-p28. The issue comprises two related IPsec flaws: (1) the kernel does not properly validate IPsec packets from a trusted host, and (2) a use-after-free in the IPsec AH handlin...
CVE-2018-6916
Removed by vendor...
FreeBSD -- ipsec validation and use-after-free
Problem Description: Due to a lack of strict checking, an attacker from a trusted host can send a specially constructed IP packet that may lead to a system crash. Additionally, a use-after-free vulnerability in the AH handling code could cause unpredictable results. Impact: Access to out of bound...
FreeBSD-SA-18:01.ipsec
FreeBSD-SA-18:01.ipsec REVISED Security Advisory, The FreeBSD Project. Topic: ipsec validation and use-after-free. Category: core. Module: ipsec. Announced: 2018-03-07. Credits:...
openSUSE Security Update : ipsec-tools (openSUSE-2018-159)
This update for ipsec-tools fixes one issue. This security issue was fixed : - CVE-2016-10396: The racoon daemon contained a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments that allowed a remote attacker to exhaust computational resources on the remo...
SUSE SLES12 Security Update : ipsec-tools (SUSE-SU-2018:0424-1)
This update for ipsec-tools fixes one issue. This security issue was fixed : - CVE-2016-10396: The racoon daemon contained a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments that allowed a remote attacker to exhaust computational resources on the remo...
SUSE SLES11 Security Update : ipsec-tools (SUSE-SU-2018:0423-1)
This update for ipsec-tools fixes one issue. This security issue was fixed : - CVE-2016-10396: The racoon daemon contained a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments that allowed a remote attacker to exhaust computational resources on the remo...
SUSE-SU-2018:0423-1 Security update for ipsec-tools
This update for ipsec-tools fixes one issue. This security issue was fixed: - CVE-2016-10396: The racoon daemon contained a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments that allowed a remote attacker to exhaust computational resources on the remot...
SUSE-SU-2018:0424-1 Security update for ipsec-tools
This update for ipsec-tools fixes one issue. This security issue was fixed: - CVE-2016-10396: The racoon daemon contained a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments that allowed a remote attacker to exhaust computational resources on the remot...
Build Your Own IPsec VPN Server: Auto Setup Scripts
Set up your own IPsec VPN server in just a few minutes, with both IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS. All you need to do is provide your own VPN credentials, and let the scripts handle the rest. An IPsec VPN encrypts your network traffic, so that nobody between you and the VP...
Debian: Security Advisory (DLA-1044-1)
The remote host is missing an update for the Debian...
Debian DSA-4082-1 : linux - security update (Meltdown)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. - CVE-2017-5754 Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to...
Denial of service
Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a denial of service vulnerability due to the way objects are handled in memory, aka "Windows IPSec Denial of Service Vulnerability"...
CVE-2018-0753
Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a denial of service vulnerability due to the way objects are handled in memory, aka "Windows IPSec Denial of Service Vulnerability"...
CVE-2018-0753
CVE-2018-0753 describes a denial-of-service vulnerability in Windows IPSec where the system may stop responding due to how objects are handled in memory. Affected products explicitly include Windows 8.1/RT 8.1, Windows Server 2012/2012 R2, Windows 10 versions 1511/1607/1703/1709, Windows Server 2...
Windows IPSec Denial of Service Vulnerability
A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate...