EUVD-2005-1061

Malware in sbrugna...

EUVD-2017-15221

Malware in sbrugna...

EUVD-2025-22125

Malicious code in bioql PyPI...

CVE-2025-44649

In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of exchagemode is set to aggressive. Aggressive mode in IKE Phase 1 exposes identity information in plaintext, is vulnerable to offline dictionary attacks, and lacks flexibility in negotiating security...

CVE-2025-44649

The CVE-2025-44649 entry affects TRENDnet TEW-WLC100P 2.03b03, where the racoon configuration uses exchage_mode = aggressive in IKE Phase 1. This exposes identity information in plaintext and is vulnerable to offline dictionary attacks, while limiting security-parameter negotiation. CVSS v3.1 bas...

CVE-2025-44649

In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of exchagemode is set to aggressive. Aggressive mode in IKE Phase 1 exposes identity information in plaintext, is vulnerable to offline dictionary attacks, and lacks flexibility in negotiating security...

The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass

wpasupplicant is vulnerable to authentication bypass due to its implementation of Protected Extensible Authentication Protocol PEAP. An attacker could exploit this in order to trick a victim into connecting to a malicious clone of an Enterprise WiFi network and subsequently intercept their traffi...

Improper Authentication

wpasupplicant is vulnerable to the Improper Authentication vulnerability. The vulnerability arises because wpasupplicant can be configured to skip TLS certificate verification during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be exploited to bypass Phase 2 authentication...

Authentication flaw

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

K05263202: BIG-IP IPsec tunnel endpoint vulnerability CVE-2017-6156

Security Advisory Description When the BIG-IP system is configured with a wildcard IPsec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPsec negotiations. The attacker must possess the necessary credentials to negotiate the phase...

F5 Networks BIG-IP : BIG-IP IPsec tunnel endpoint vulnerability (K05263202)

The version of F5 Networks BIG-IP installed on the remote host is prior to 11.5.6 / 11.6.1 HF2 / 12.1.2 / 13.0.0. It is, therefore, affected by a vulnerability as referenced in the K05263202 advisory. - When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured...

Researchers Break IPsec VPN Connections with 20-Year-Old Protocol Flaw

A new Bleichenbacher oracle cryptographic attack has been set loose on the world, using a 20-year-old protocol flaw to compromise the Internet Key Exchange IKE protocol used to secure IP communications. Specifically, the attack targets IKE’s handshake implementation used for IPsec-based VPN...

Design/Logic Flaw

When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations. The attacker must possess the necessary...

CVE-2017-6156

When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations. The attacker must possess the necessary...

Mark host as dead if going offline (failed ICMP ping) during scan - Phase 1

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-6610

A vulnerability in the Internet Key Exchange Version 1 IKEv1 XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation...

Default configuration

The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before...

PFsense UTM Platform 2.0.1 XSS Vulnerability

No description provided by source. ???????????????????????????????????????????????????????????????????????????????? ? Exploit Title: pfSense = 2.0.1 XSS & CSRF during IPSec XAuth authentication ? Date: 04/01/2013 ? Author: Dimitris Strevinas ? Vendor or Software Link: www.pfsense.org ? Version: =...

TrueCrypt is Secure; Encryption Tool cleared the First Phase of Security Audit

Is TrueCrypt Audited Yet? Yes, In Part! One of the world's most-used open source file encryption software trusted by tens of millions of users - TrueCrypt is being audited by a team of experts to assess if it could be easily exploited and cracked. Hopefully it has cleared the first phase of the...