Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pluto vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-18995
Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers, ...
Abb Gate-e1 Firmware
Abb Gate-e2 Firmware
6.1
CVSSv3
CVE-2018-18997
Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an malicious user to display/execute...
Abb Gate-e1 Firmware
Abb Gate-e2 Firmware
7.5
CVSSv3
CVE-2023-2295
A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the ...
Libreswan Libreswan 4.9-1.el8
Libreswan Libreswan 4.9-1.el9
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Server Tus 8.8
Redhat Enterprise Linux Server Aus 8.8
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
6.1
CVSSv3
CVE-2015-5241
After logging into the portal, the logout jsp page redirects the browser back to the login page after. It is feasible for malicious users to redirect the browser to an unintended web page in Apache jUDDI 3.1.2, 3.1.3, 3.1.4, and 3.1.5 when utilizing the portlets based user interf...
Apache Juddi 3.1.2
Apache Juddi 3.1.4
Apache Juddi 3.1.3
Apache Juddi 3.1.5
6.5
CVSSv3
CVE-2023-38711
An issue exists in Libreswan prior to 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4....
Libreswan Libreswan
6.5
CVSSv3
CVE-2023-38712
An issue exists in Libreswan 3.x and 4.x prior to 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the del...
Libreswan Libreswan
NA
CVE-2013-2052
Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote malicious users to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT recor...
Libreswan Libreswan 3.0
Libreswan Libreswan 3.1
NA
CVE-2013-2054
Buffer overflow in the atodn function in strongSwan 2.0.0 up to and including 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote malicious users to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via ...
Strongswan Strongswan 2.4.3
Strongswan Strongswan 2.5.7
Strongswan Strongswan 2.4.2
Strongswan Strongswan 4.1.8
Strongswan Strongswan 4.1.11
Strongswan Strongswan 2.6.16
Strongswan Strongswan 2.5.3
Strongswan Strongswan 2.8.0
Strongswan Strongswan 4.2.6
Strongswan Strongswan 2.8.1
Strongswan Strongswan 2.4.4
Strongswan Strongswan 2.6.0
Strongswan Strongswan 2.3.0
Strongswan Strongswan 4.2.12
Strongswan Strongswan 4.1.1
Strongswan Strongswan 2.7.2
Strongswan Strongswan 4.2.10
Strongswan Strongswan 2.1.0
Strongswan Strongswan 2.1.5
Strongswan Strongswan 2.0.2
Strongswan Strongswan 2.8.9
Strongswan Strongswan 2.8.8
NA
CVE-2009-2661
The asn1_length function in strongSwan 2.8 prior to 2.8.11, 4.2 prior to 4.2.17, and 4.3 prior to 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote malicious users to cause a denial of service (pluto IKE daemon...
Strongswan Strongswan 2.8.5
Strongswan Strongswan 2.8.6
Strongswan Strongswan 4.2.12
Strongswan Strongswan 4.2.0
Strongswan Strongswan 2.8.10
Strongswan Strongswan 4.2.16
Strongswan Strongswan 2.8.3
Strongswan Strongswan 2.8.4
Strongswan Strongswan 4.2.13
Strongswan Strongswan 4.2.14
Strongswan Strongswan 4.3.1
Strongswan Strongswan 4.3.2
Strongswan Strongswan 2.8.1
Strongswan Strongswan 2.8.2
Strongswan Strongswan 4.2.3
Strongswan Strongswan 4.2.15
Strongswan Strongswan 4.2.10
Strongswan Strongswan 4.3.0
Strongswan Strongswan 2.8.0
Strongswan Strongswan 2.8.7
Strongswan Strongswan 2.8.8
Strongswan Strongswan 4.2.2
6.5
CVSSv3
CVE-2023-38710
An issue exists in Libreswan prior to 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies o...
Libreswan Libreswan
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »