Vulnerabilities > Xelerance > Openswan > 2.6.40

DATE CVE VULNERABILITY TITLE RISK
2018-09-26 CVE-2018-15836 Improper Verification of Cryptographic Signature vulnerability in Xelerance Openswan
In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification.
network
low complexity
xelerance CWE-347
5.0
2014-11-26 CVE-2014-2037 Improper Input Validation vulnerability in Xelerance Openswan 2.6.40
Openswan 2.6.40 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
network
low complexity
xelerance CWE-20
5.0