OracleVM 3.4 : kernel-uek (OVMSA-2022-0031)

The remote OracleVM system is missing necessary patches to address security updates: - In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfsqueuework in fs/btrfs/async-thread.c. CVE-2019-19377 - Ther...

CVE-2022-3624

A memory leak flaw was found in the Linux kernel IPSec functionality. This issue could allow a local user to crash the system...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2022-10065)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-10065 advisory. - btrfs: Don't submit any btree write bio if the fs has errors Qu Wenruo Orabug: 31265340 CVE-2019-19377 - scsi: stex: Properly zero out the...

CVE-2022-23746

The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender SNX. If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords...

Authentication flaw

The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender SNX. If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords...

PT-2022-16247 · Check Point · Check Point Ipsec Vpn Blade

Name of the Vulnerable Software and Affected Versions: Check Point IPsec VPN blade affected versions not specified Description: The issue concerns a brute-force attack vulnerability when the IPsec VPN blade's portal is configured for username/password authentication, allowing attackers to target...

CVE-2022-23746

The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender SNX. If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords...

CVE-2022-23746

CVE-2022-23746 concerns brute-force vulnerability in the IPsec VPN blade SNX portal when configured for username/password authentication. The Red Hat, NVD, and other records consistently describe a credential-guessing flaw targeting the SNX portal; exploitation status is not detailed in the provi...

CVE-2022-23746

The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender SNX. If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords...

CVE-2022-3635

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tsttimer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 ...

Tenda AC1200 Command Injection Vulnerability

Tenda AC1200 is a wireless router from Tenda, China.A command injection vulnerability exists in the IPsecLocalNet and IPsecRemoteNet parameters of the Tenda AC1200 setIPsecTunnelList function. An attacker can exploit this vulnerability to perform command injection...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2022:4053-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4053-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. Th...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5728-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5728-2 advisory. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading t...

Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5727-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5727-1 advisory. It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5729-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5729-1 advisory. It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could...

CVE-2022-41396

Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters...

Command injection

Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters...

CVE-2022-41396

CVE-2022-41396 affects Tenda AC1200 Router Model W15Ev2, specifically the setIPsecTunnelList function where command injection is possible via the IPsecLocalNet and IPsecRemoteNet parameters. The issue is documented across multiple sources (NVD/NVD-derived entries and CNVD/CNNVD mirrors) with CVSS...

Tenda AC1200 操作系统命令注入漏洞

Tenda AC1200 is a wireless router from Tenda, China.A command injection vulnerability exists in the IPsecLocalNet and IPsecRemoteNet parameters of the Tenda AC1200 setIPsecTunnelList function. An attacker can exploit this vulnerability to perform command injection...

[SECURITY] Fedora 37 Update: strongswan-5.9.8-1.fc37

The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel...