Vulnerabilities > Ietf > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-27 | CVE-2021-27854 | Authentication Bypass by Spoofing vulnerability in multiple products Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse. | 4.7 |
2022-09-27 | CVE-2021-27861 | Authentication Bypass by Spoofing vulnerability in multiple products Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers) | 4.7 |
2022-09-27 | CVE-2021-27862 | Authentication Bypass by Spoofing vulnerability in multiple products Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers). | 4.7 |
2022-09-27 | CVE-2021-27853 | Authentication Bypass by Spoofing vulnerability in multiple products Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers. | 4.7 |
2021-01-20 | CVE-2020-20949 | Inadequate Encryption Strength vulnerability in multiple products Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32Cube (UM1924). | 4.3 |
2021-01-19 | CVE-2020-20950 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. | 4.3 |
2018-09-06 | CVE-2018-5389 | Weak Password Requirements vulnerability in Ietf Internet KEY Exchange 1.0 The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. | 5.9 |
2009-01-05 | CVE-2004-2761 | Cryptographic Issues vulnerability in Ietf MD5 The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate. | 5.0 |