CVE-2024-3652

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-404
View all →

Vulnerability Description

The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.

Related Vulnerabilities

CVE-2013-1054

MEDIUM
CVSS:6.5(Medium)

The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initializ...

CWE-4042013

CVE-2019-15302

MEDIUM
CVSS:6.5(Medium)

The pad management logic in XWiki labs CryptPad before 3.0.0 allows a remote attacker (who has access to a Rich Text pad with editing rights for the URL) to corrupt it (i.e., cause data loss) via a tr...

CWE-4042019

CVE-2020-0414

MEDIUM
CVSS:6.5(Medium)

In AudioFlinger::RecordThread::threadLoop of audioflinger/Threads.cpp, there is a possible non-silenced audio buffer due to a permissions bypass. This could lead to remote information disclosure with ...

CWE-4042020

CVE-2020-14307

MEDIUM
CVSS:6.5(Medium)

A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a r...

CWE-4042020

CVE-2020-4325

MEDIUM
CVSS:6.5(Medium)

The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams inform...

CWE-4042020

CVE-2021-4280

MEDIUM
CVSS:6.5(Medium)

A vulnerability was found in styler_praat_scripts. It has been classified as problematic. Affected is an unknown function of the file file_segmenter.praat of the component Slash Handler. The manipulat...

CWE-4042021