EUVD-2025-34677

OpenSearch Data Prepper uses deprecated SSL protocol identifier...

EUVD-2015-8424

Malware in sbrugna...

libreswan: Invalid IKEv2 REKEY proposal causes restart

An assertion failure flaw was found in the Libreswan package that occurs when processing IKEv2 REKEY requests. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notification INVALIDSPI is sent back. The notify payload's protocol ID is copied from...

SUSE CVE-2023-38710

An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALIDSPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets...

kernel: information leak in the IPv4 implementation

An information leak flaw was found in the Linux kernel’s IPv4 implementation in the iprtinit in net/ipv4/route.c function. The use of a small hash table in IP ID generation allows a remote attacker to reveal sensitive information...

kernel: information leak in the IPv6 implementation

An information leak flaw was found in the Linux kernel’s IPv6 implementation in the ipv6selectident in net/ipv6/outputcore.c function. The use of a small hash table in IP ID generation allows a remote attacker to reveal sensitive information...

Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR

A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...

Kernel: net: weak IP ID generation leads to remote device tracking

A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe a weak IP ID generation in this field to track Linux devices...

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A NULL pointer dereference flaw was found in the way the Linux kernel's network subsystem handled socket creation with an invalid protocol identifier. A local user could use this flaw to crash the system...

Ubuntu: Security Advisory (USN-2910-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SecureCRT 2.4/3.x/4.0 SSH1 Identifier String Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/5287/info The SecureCRT client is prone to a buffer-overflow condition when attempting to handle an overly long SSH1 protocol identifier string. Reportedly, an attacker can exploit this issue via a malicious server...

Nokia S60 SMS/MMS (Curse of Silence) Denial of Service Vulnerability

No description provided by source. Vulnerability Advisory ====================== Remote SMS/MMS Denial of Service - "Curse Of Silence" for Nokia S60 phones URL === https://berlin.ccc.de/tobias/cos/s60-curse-of-silence-advisory.txt Video =====...

Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service

Vulnerability Advisory ====================== Remote SMS/MMS Denial of Service - "Curse Of Silence" for Nokia S60 phones URL === https://berlin.ccc.de/tobias/cos/s60-curse-of-silence-advisory.txt Video ===== https://berlin.ccc.de/tobias/cos/s60-curse-of-silence-demo.avi Affected Products...

Nokia S60 SMSMMS (Curse of Silence) - Denial of Service

Nokia S60 SMSMMS Curse of Silence - Denial of Service Vulnerability Advisory ====================== Remote SMS/MMS Denial of Service - "Curse Of Silence" for Nokia S60 phones URL === https://berlin.ccc.de/tobias/cos/s60-curse-of-silence-advisory.txt Video =====...

security flaw

The ippushpendingframes function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan nmap -sI attack, which bypasses intended protections against such attacks...

MS:22D8D13B-6E87-41DE-B791-F385370C4754

...