Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2808 matches found

Ubuntu
Ubuntuadded 2015/01/05 1:19 p.m.58 views

USN-2450-1: strongSwan vulnerability

Mike Daskalakis discovered that strongSwan incorrectly handled IKEv2 payloads that contained the Diffie-Hellman group 1025. A remote attacker could use this issue to cause the IKE daemon to crash, resulting in a denial of service...

5CVSS8.2AI score0.03823EPSS
Exploits0
OpenVAS
OpenVASadded 2015/01/05 12:0 a.m.48 views

Debian Security Advisory DSA 3118-1 (strongswan - security update)

Mike Daskalakis reported a denial of service vulnerability in charon, the IKEv2 daemon for strongSwan, an IKE/IPsec suite used to establish IPsec protected links. The bug can be triggered by an IKEv2 Key Exchange KE payload that contains the Diffie-Hellman DH group 1025. This identifier is from t...

5CVSS9.7AI score0.03823EPSS
Exploits0References1
OSV
OSVadded 2015/01/05 12:0 a.m.13 views

DSA-3118-1 strongswan - security update

Bulletin has no description...

5CVSS6.3AI score0.03823EPSS
Exploits0
OpenVAS
OpenVASadded 2015/01/04 12:0 a.m.25 views

Debian: Security Advisory (DSA-3118-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS9.6AI score0.03823EPSS
Exploits0References3
Gentoo Linux
Gentoo Linuxadded 2014/12/13 12:0 a.m.30 views

strongSwan: Multiple Vulnerabilities

Background strongSwan is an IPSec implementation for Linux. Description A NULL pointer dereference and an error in the IKEv2 implementation have been found in strongSwan. Impact A remote attacker could create a Denial of Service condition or bypass security restrictions. Workaround There is no...

6.4CVSS6.5AI score0.02492EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2014/11/26 12:0 a.m.24 views

OracleVM 2.1 : ipsec-tools (OVMSA-2009-0010)

The remote OracleVM system is missing necessary patches to address critical security updates : CVE-2009-1574 racoon/isakmpfrag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service crash via crafted fragmented packets without a payload, which triggers a NULL pointer...

7.8CVSS5.3AI score0.11631EPSS
Exploits3References5
Gentoo Linux
Gentoo Linuxadded 2014/11/23 12:0 a.m.28 views

Openswan: Denial of service

Background Openswan is an implementation of IPsec for Linux. Description A NULL pointer dereference has been found in Openswan. Impact A remote attacker could create a Denial of Service condition. Workaround There is no known workaround at this time. Resolution Gentoo has discontinued support for...

5CVSS6.4AI score0.02664EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2014/11/12 12:0 a.m.265 views

RHEL 6 : kernel (RHSA-2014:1843)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1843 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition flaw was found in the way the Linux...

6.9CVSS6.3AI score0.00596EPSS
Exploits0References10
OpenVAS
OpenVASadded 2014/11/12 12:0 a.m.307 views

CentOS Update for kernel CESA-2014:1843 centos6

Check the version of kernel SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882079";...

6.9CVSS6.2AI score0.00596EPSS
Exploits0References2
Cent OS
Cent OSadded 2014/11/11 7:31 p.m.90 views

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2014:1843 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System...

6.9CVSS6.5AI score0.00596EPSS
Exploits0References7
RedHat Linux
RedHat Linuxadded 2014/11/11 3:34 p.m.66 views

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

6.9CVSS6.5AI score0.00596EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2014/08/01 12:0 a.m.21 views

Cisco IOS IPSec Packet DoS (CSCui79745)

According to its self-reported version, the remote IOS device is affected by a denial of service vulnerability. A denial of service flaw exists within IPSec packet handling. An authenticated attacker, using a malformed IPSec packet, could cause the device to reboot. TRUSTED...

6.8CVSS7.8AI score0.03135EPSS
Exploits0References3
ThreatPost
ThreatPostadded 2014/07/30 2:36 p.m.13 views

ICS-CERT Warns of Flaw in Innominate mGuard Secure Cloud Product

The ICS-CERT is warning users about a vulnerability in a secure public cloud product from Innominate that enables an attacker to gain valuable configuration data about a target system, information that could be used in future attacks. The vulnerability is an information disclosure bug in the...

0.2AI score
Exploits0References2
OPENSUSE Linux
OPENSUSE Linuxadded 2014/07/08 8:4 p.m.55 views

kernel update fixes local privilege escalation and a regression causing a crash if IPsec peer is unavailable (important)

kernel update for Evergreen 11.4 fixes local privilege escalation in futex code bnc880892 / CVE-2014-3153 and a regression causing a crash if IPsec peer is unavailable...

7.2CVSS2.9AI score0.37233EPSS
Exploits15References2
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.22 views

IPsec-Tools Prior to 0.7.2 - Multiple Remote Denial of Service Vulnerabilities

No description provided by source. / racoon-isakmp-dos.c Copyright c 2009 by [email protected] ipsec-tools racoon frag-isakmp DoS POC by mu-b - Thu Apr 02 2009 - Tested on: ipsec-tools-0.7.1 - Private Source Code -DO NOT DISTRIBUTE - http://www.digit-labs.org/ -- Digit-Labs 2009!@$! / include...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.31 views

PFsense UTM Platform 2.0.1 XSS Vulnerability

No description provided by source. ???????????????????????????????????????????????????????????????????????????????? ? Exploit Title: pfSense = 2.0.1 XSS & CSRF during IPSec XAuth authentication ? Date: 04/01/2013 ? Author: Dimitris Strevinas ? Vendor or Software Link: www.pfsense.org ? Version: =...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.19 views

Microsoft Windows 2000 Internet Key Exchange DoS Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/3652/info Internet Protocol Security IPSec provides authentication and encryption for IP network traffic. The Internet Key Exchange IKE protocol is a management protocol standard which is used with the IPSec standard. IKE...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.76 views

IPComp encapsulation pre-auth kernel memory corruption

No description provided by source. //source: http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload ------------------------------------------------------------------------------- Gruezi, this...

7.5CVSS0.6AI score0.05476EPSS
Exploits4
Cisco
Ciscoadded 2014/06/25 3:6 p.m.21 views

Cisco IOS Software IPsec Denial of Service Vulnerability

A vulnerability in IPsec processing of Cisco IOS Software could allow an authenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to improper processing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec...

6.8CVSS8.9AI score0.03135EPSS
Exploits0References1
NVD
NVDadded 2014/06/25 11:19 a.m.17 views

CVE-2014-3299

Cisco IOS allows remote authenticated users to cause a denial of service device reload via malformed IPsec packets, aka Bug ID CSCui79745...

6.8CVSS8.7AI score0.03135EPSS
Exploits0References4
Rows per page
Query Builder