VYPR
Vendor

Ietf

Products
4
CVEs
10
Across products
10
Status
Private

Products

4

Recent CVEs

10
  • CVE-2004-2761CriJan 5, 2009
    risk 0.67cvss 9.8epss 0.10

    The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate.

  • CVE-2023-44487HigKEVOct 10, 2023
    risk 0.65cvss 7.5epss 1.00

    The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

  • CVE-2016-10142HigJan 14, 2017
    risk 0.56cvss 8.6epss 0.03

    An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big (PTB) messages. (The scope of this CVE is all affected IPv6 implementations from all vendors.) The security implications of IP fragmentation have been discussed at length in [RFC6274] and…

  • CVE-2015-8960HigSep 21, 2016
    risk 0.53cvss 8.1epss 0.02

    The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server…

  • CVE-2020-1118May 21, 2020
    risk 0.01cvss epss 0.16

    A denial of service vulnerability exists in the Windows implementation of Transport Layer Security (TLS) when it improperly handles certain key exchanges, aka 'Microsoft Windows Transport Layer Security Denial of Service Vulnerability'.

  • CVE-2025-23019Jan 14, 2025
    risk 0.00cvss epss 0.01

    IPv6-in-IPv4 tunneling (RFC 4213) allows an attacker to spoof and route traffic via an exposed network interface.

  • CVE-2025-23018Jan 14, 2025
    risk 0.00cvss epss 0.01

    IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136.

  • CVE-2020-27337Dec 22, 2020
    risk 0.00cvss epss 0.01

    An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input Validation in the IPv6 component allows an unauthenticated remote attacker to cause an Out of Bounds Write, and possibly a Denial of Service via network access.

  • CVE-2020-27336Dec 22, 2020
    risk 0.00cvss epss 0.02

    An issue was discovered in Treck IPv6 before 6.0.1.68. Improper input validation in the IPv6 component when handling a packet sent by an unauthenticated remote attacker could result in an out-of-bounds read of up to three bytes via network access.

  • CVE-2007-2242Apr 25, 2007
    risk 0.00cvss epss 0.05

    The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers.