Lucene search
+L

269 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:22 p.m.9 views

CVE-2021-23048

On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x, when GPRS Tunneling Protocol GTP iRules commands or a GTP profile is configured on a virtual server, undisclosed GTP messages can cause the...

7.5CVSS7AI score0.00961EPSS
Exploits0References1
NVD
NVD
added 2025/05/09 4:15 p.m.11 views

CVE-2025-4432

A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 232 packets sent or received...

5.3CVSS0.00865EPSS
Exploits0References8
Rockylinux
Rockylinux
added 2025/05/07 7:11 p.m.6 views

libreswan security update

An update is available for libreswan. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the...

6.5CVSS7AI score0.008EPSS
Exploits0
CVE
CVE
added 2025/04/03 12:0 a.m.79 views

CVE-2025-29991

CVE-2025-29991 affects Yubico YubiKey 5.4.1–5.7.3; the FIDO CTAP PIN/UV Auth Protocol Two implementation incorrectly uses the 16-byte signature length from Protocol One, causing partial signature verification when Protocol Two is chosen. Remediation: update to version 5.7.4 or later. Other disclo...

2.2CVSS7AI score0.00115EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/03/05 12:0 a.m.8 views

The vulnerability of the IPSec component of the Ivanti Connect Secure network access control tool allows a hacker to trigger a service failure.

The vulnerability of the IPSec component in the Ivanti Connect Secure network access control tool is related to buffer overflow in the stack. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS7.8AI score0.01495EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/05 12:0 a.m.6 views

The vulnerability of the IPSec component of the Ivanti Connect Secure network access control tool allows a hacker to trigger a service failure.

The vulnerability of the IPSec component in the Ivanti Connect Secure network access control tool is related to reading data beyond the allowed range in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS7.2AI score0.01858EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-32458

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to...

9.8CVSS8.1AI score0.01958EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an out-of-bounds read during a lookup in the xfrm: state module...

7.1CVSS6.6AI score0.00223EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/02/19 1:0 a.m.5 views

kernel: xfrm: fix one more kernel-infoleak in algo dumping

A vulnerability was found in the xfrm module in the Linux Kernel. This issue was discovered during fuzz testing, where uninitialized memory containing potentially sensitive data was inadvertently copied to user-space. This issue occurs when dumping IPsec algorithm data structures, exposing random...

5.5CVSS7.2AI score0.00252EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/02/06 4:46 a.m.12 views

CVE-2021-37560

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS Wi-Fi Protected Setup protocol. Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write...

9.3CVSS7AI score0.01197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:48 a.m.10 views

CVE-2024-37164

Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. CVAT allows users to supply custom endpoint URLs for cloud storages based on Amazon S3 and Azure Blob Storage. Starting in version 2.1.0 and prior to version 2.14.3, an attacker with a CVAT...

8.5CVSS8.5AI score0.00347EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.11 views

Amazon Linux 2 : containerd (ALASDOCKER-2025-049)

The version of containerd installed on the remote host is prior to 1.7.25-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-049 advisory. Applications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization...

9.1CVSS7.5AI score0.03153EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.15 views

Amazon Linux 2 : containerd (ALASECS-2025-046)

The version of containerd installed on the remote host is prior to 1.7.25-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-046 advisory. Applications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization...

9.1CVSS7.5AI score0.03153EPSS
Exploits2References4
CNNVD
CNNVD
added 2025/01/31 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel that stems from improper use of the Soft Interrupt SOFTIRQ security lock in the mlx5exfrmaddstate and...

5.5CVSS6.3AI score0.00173EPSS
Exploits0References4
NVD
NVD
added 2025/01/30 8:15 p.m.44 views

CVE-2024-10604

Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances...

6.9CVSS0.00223EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2025/01/20 3:8 p.m.29 views

Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers

New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks. "Internet hosts that accept tunneling packets without verifying the sender's identity can be hijacked to perform anonymous attacks and provide access ...

6.5CVSS5.8AI score0.28537EPSS
Exploits0
OSV
OSV
added 2025/01/14 2:15 p.m.5 views

CVE-2024-46669

An Integer Overflow or Wraparound vulnerability CWE-190 in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated attacker to crash the IPsec tunnel via crafted requests, resulting in potential denial of service...

6.5CVSS5.8AI score0.00593EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.6 views

Fortinet FortiOS 访问控制错误漏洞

Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. An access control...

5CVSS6.5AI score0.00929EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.12 views

The vulnerability in the implementation of IPSec protocols on the SonicOS operating system allows a attacker to trigger a Denial-of-Service attack (DoS) or execute arbitrary code.

The vulnerability of the implementation of IPSec protocols on the SonicOS operating system is related to a numerical overflow condition. Exploiting this vulnerability allows a malicious actor to trigger a Denial-of-Service attack or execute arbitrary code by sending a specially crafted IKEv2...

5.3CVSS6.3AI score0.008EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/01/09 12:0 a.m.6 views

SonicWALL SonicOS 安全漏洞

SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS that stems from an integer buffer overflow vulnerability via IPSec, which can be exploited by remote attackers to cause a denial of...

9.8CVSS7.9AI score0.008EPSS
Exploits0References1
Rows per page
Query Builder