Strongswan vulnerabilities: Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-07 CVE-2023-41913 Classic Buffer Overflow vulnerability in Strongswan
strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy.
Vector: network. Complexity: low. Vendors: strongswan. Weakness: CWE-120. Risk: critical (9.8).

2023-04-15 CVE-2023-26463 Improper Certificate Validation vulnerability in Strongswan 5.9.8/5.9.9
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function.
Vector: network. Complexity: low. Vendors: strongswan. Weakness: CWE-295. Risk: critical (9.8).

2022-01-31 CVE-2021-45079 NULL Pointer Dereference vulnerability in multiple products
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.
Vector: network. Complexity: low. Vendors: strongswan, debian, fedoraproject, canonical. Weakness: CWE-476. Risk: critical (9.1).

2017-09-07 CVE-2015-3991 Data Processing Errors vulnerability in Strongswan 5.2.2/5.3.0
strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code.
Vector: network. Complexity: low. Vendors: strongswan. Weakness: CWE-19. Risk: critical (9.8).

2004-12-06 CVE-2004-0590
FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject.
Vector: network. Complexity: low. Vendors: frees-wan, openswan, strongswan. Risk: critical (10.0).