111 matches found
RLSA-2023:7052 Moderate: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: xfrm: Validates the prefix length of new SA entries using the SA family, when sel.family is unset. This extends the validation introduced in commit 07bf7908950a “xfrm: Validates address prefix lengths in the xfrm selector”. The...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: brcmfmac: cfg80211 – Handle SSID-based PMKSA deletion wpasupplicant 2.11 sends commands for PMKSA flush based on SSID from version 1efdba5fdc2c “Handle PMKSA flush in the driver for SAE/OWE offload cases”. The brcmfmac...
CVE-2025-62514
Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, libparseccrypto, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means ...
Microsoft announces the 2026 Security Excellence Awards winners
In today’s fast‑moving digital arena, security isn’t a solo act—it’s a team sport. Every day, defenders across the globe suit up, strategize, and work shoulder‑to‑shoulder to protect organizations and communities from an ever‑evolving field of cyberthreats. That shared spirit of collaboration is...
CVE-2026-22027
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the converthexstringtobytearray function in th...
CVE-2025-36118
IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device memory via a Security Association SA negotiation request...
CVE-2025-36118
IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device memory via a Security Association SA negotiation request...
CVE-2025-36118 IBM Storage Virtualize Information Disclosure
IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device memory via a Security Association SA negotiation request...
PT-2025-47207
Name of the Vulnerable Software and Affected Versions IBM Storage Virtualize versions 8.4 through 9.1 Description The IKEv1 implementation contains a flaw that could allow remote attackers to obtain sensitive information from device memory during a Security Association SA negotiation request...
EUVD-2020-12522
Malware in sbrugna...
EUVD-2006-0909
Malware in sbrugna...
EUVD-2002-1090
Malware in sbrugna...
EUVD-2025-13901
Malicious code in bioql PyPI...
EUVD-2025-29057
Malicious code in bioql PyPI...
AZL-70760 CVE-2025-39797 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRMMSGALLOCSPI Netlink message, which triggers the kernel function xfrmallocspi. This function is expected to ensure uniqueness of the Security...
CVE-2021-23039
On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.2.8, and all versions of 13.1.x and 12.1.x, when IPSec is configured on a BIG-IP system, undisclosed requests from an authorized remote IPSec peer, which already has a negotiated Security Association, can cause the Traffi...
kernel: bonding: fix xfrm real_dev null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...
CVE-2025-20192
A vulnerability in the Internet Key Exchange version 1 IKEv1 implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service DoS condition. The attacker must have valid IKEv1 VPN credentials to exploit this vulnerability. This vulnerability is du...
CVE-2025-20192
Summary: CVE-2025-20192 affects Cisco IOS XE Software. It is a vulnerability in the IKEv1 implementation where improper validation of IKEv1 phase 2 parameters before handing off to the hardware cryptographic accelerator can allow an authenticated, remote attacker with valid IKEv1 VPN credentials ...