Lucene search
K

267 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.3 views

Juniper Junos OS Vulnerability (JSA107868)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107868 advisory. - An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series...

8.7CVSS5.9AI score0.00338EPSS
Exploits0References2
NVD
NVD
added 2026/04/03 11:17 p.m.9 views

CVE-2021-4477

Hirschmann HiLCOS OpenBAT and BAT450 products contain a firewall bypass vulnerability in IPv6 IPsec deployments that allows traffic from VPN connections to bypass configured firewall rules. Attackers can exploit this vulnerability by establishing IPv6 IPsec connections IKEv1 or IKEv2 while...

9.3CVSS0.00319EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/03 10:37 p.m.2 views

CVE-2021-4477 Hirschmann HiLCOS OpenBAT BAT450 IPv6 IPsec Firewall Bypass

Hirschmann HiLCOS OpenBAT and BAT450 products contain a firewall bypass vulnerability in IPv6 IPsec deployments that allows traffic from VPN connections to bypass configured firewall rules. Attackers can exploit this vulnerability by establishing IPv6 IPsec connections IKEv1 or IKEv2 while...

9.3CVSS5.9AI score0.00319EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.4 views

CVE-2026-23440

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix race condition during IPSec ESN update In IPSec full offload mode, the device reports an ESN Extended Sequence Number wrap event to the driver. The driver validates this event by querying the IPSec ASO and checking...

7.5CVSS5.7AI score0.00206EPSS
Exploits0References7
CVE
CVE
added 2026/04/03 3:15 p.m.23 views

CVE-2026-23440

CVE-2026-23440 is a Linux kernel vulnerability in the net/mlx5e IPSec ESN update path. A race condition could cause the ESN wrap event to be processed twice: after validating the event, the driver updates the kernel xfrm state and the lock is temporarily released, risking incorrect ESN high-order...

7.5CVSS5.7AI score0.00206EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2026/04/03 4:2 a.m.2 views

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...

7.5CVSS5.9AI score0.00121EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/03 4:2 a.m.2 views

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...

7.5CVSS5.9AI score0.00121EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition in the IPSec ASO context, which may lead to context corruption...

4.7CVSS5.8AI score0.00089EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2026/03/30 12:0 a.m.3 views

Study of Post Quantum Status of Widely Used Protocols

The advent of quantum computing poses significant threats to classical public-key cryptographic primitives such as RSA and elliptic-curve cryptography. As many critical network and security protocols depend on these primitives for key exchange and authentication, there is an urgent need to...

6AI score
Exploits0
EUVD
EUVD
added 2026/03/04 6:31 p.m.6 views

EUVD-2026-9436

A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to cause...

7.7CVSS6AI score0.00292EPSS
Exploits0References2
Cisco
Cisco
added 2026/03/04 4:0 p.m.9 views

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IPsec Denial of Service Vulnerability

A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to cause...

7.7CVSS6AI score0.00292EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 7:27 p.m.5 views

CVE-2026-0620

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS5.3AI score0.00247EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/03 6:5 p.m.3 views

CVE-2026-0620

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS5.3AI score0.00247EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/03 6:5 p.m.3 views

CVE-2026-0620 L2TP over IPSec Encryption Failure on ArcherAXE75

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS5.3AI score0.00247EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/03 6:5 p.m.7 views

EUVD-2026-5210

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS5.3AI score0.00247EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.5 views

PT-2026-6013

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS5.4AI score0.00247EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

MiracleLinux 4 : openswan-2.6.32-4.2.0.1.AXS4 (AXSA:2011-553:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2011-553:01 advisory. Openswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authenticatio...

5CVSS5.6AI score0.02273EPSS
Exploits0References2
Fedora
Fedora
added 2026/01/13 1:13 a.m.7 views

[SECURITY] Fedora 42 Update: NetworkManager-l2tp-1.52.0-1.fc42

This package contains software for integrating L2TP and L2TP over IPsec VPN support with the NetworkManager...

3.3CVSS7AI score0.00162EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000310)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000310 advisory. A buffer over-read flaw was found in RH kernel versions before 5.0 in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module,...

5.5CVSS6.7AI score0.00491EPSS
Exploits1References4
CVE
CVE
added 2025/12/16 1:43 p.m.22 views

CVE-2025-68192

Technical details about CVE-2025-68192 are not publicly disclosed in the provided connected documents; the SUSE/OpenVAS/Nessus entries reference the CVE but do not furnish product/component/version/root-cause/fix specifics. Monitor for updates.

6.1AI score0.00177EPSS
Exploits0References8
Rows per page
Query Builder