267 matches found
Juniper Junos OS Vulnerability (JSA107868)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107868 advisory. - An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series...
CVE-2021-4477
Hirschmann HiLCOS OpenBAT and BAT450 products contain a firewall bypass vulnerability in IPv6 IPsec deployments that allows traffic from VPN connections to bypass configured firewall rules. Attackers can exploit this vulnerability by establishing IPv6 IPsec connections IKEv1 or IKEv2 while...
CVE-2021-4477 Hirschmann HiLCOS OpenBAT BAT450 IPv6 IPsec Firewall Bypass
Hirschmann HiLCOS OpenBAT and BAT450 products contain a firewall bypass vulnerability in IPv6 IPsec deployments that allows traffic from VPN connections to bypass configured firewall rules. Attackers can exploit this vulnerability by establishing IPv6 IPsec connections IKEv1 or IKEv2 while...
CVE-2026-23440
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix race condition during IPSec ESN update In IPSec full offload mode, the device reports an ESN Extended Sequence Number wrap event to the driver. The driver validates this event by querying the IPSec ASO and checking...
CVE-2026-23440
CVE-2026-23440 is a Linux kernel vulnerability in the net/mlx5e IPSec ESN update path. A race condition could cause the ESN wrap event to be processed twice: after validating the event, the driver updates the kernel xfrm state and the lock is temporarily released, risking incorrect ESN high-order...
Missing Encryption of Sensitive Data
Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...
Missing Encryption of Sensitive Data
Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition in the IPSec ASO context, which may lead to context corruption...
Study of Post Quantum Status of Widely Used Protocols
The advent of quantum computing poses significant threats to classical public-key cryptographic primitives such as RSA and elliptic-curve cryptography. As many critical network and security protocols depend on these primitives for key exchange and authentication, there is an urgent need to...
EUVD-2026-9436
A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to cause...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IPsec Denial of Service Vulnerability
A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to cause...
CVE-2026-0620
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...
CVE-2026-0620
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...
CVE-2026-0620 L2TP over IPSec Encryption Failure on ArcherAXE75
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...
EUVD-2026-5210
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...
PT-2026-6013
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...
MiracleLinux 4 : openswan-2.6.32-4.2.0.1.AXS4 (AXSA:2011-553:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2011-553:01 advisory. Openswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authenticatio...
[SECURITY] Fedora 42 Update: NetworkManager-l2tp-1.52.0-1.fc42
This package contains software for integrating L2TP and L2TP over IPsec VPN support with the NetworkManager...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000310)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000310 advisory. A buffer over-read flaw was found in RH kernel versions before 5.0 in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module,...
CVE-2025-68192
Technical details about CVE-2025-68192 are not publicly disclosed in the provided connected documents; the SUSE/OpenVAS/Nessus entries reference the CVE but do not furnish product/component/version/root-cause/fix specifics. Monitor for updates.