CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27371
https://notcve.org/view.php?id=CVE-2025-27371
03 Mar 2025 — In certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0 Client Authentication mechanism is used, there are ambiguities in the audience values of JWTs sent to authorization servers. The affected RFCs may include RFC 7523, and also RFC 7521, RFC 7522, RFC 9101 (JAR), and RFC 9126 (PAR). • https://openid.net/notice-of-a-security-vulnerability • CWE-305: Authentication Bypass by Primary Weakness •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7596 – Generic UDP Encapsulation (GUE) (IETF Draft) do not validate or verify the source of a network packet
https://notcve.org/view.php?id=CVE-2024-7596
05 Feb 2025 — Proposed Generic UDP Encapsulation (GUE) (IETF Draft) do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can be considered similar to CVE-2020-10136. • https://datatracker.ietf.org/doc/draft-ietf-intarea-gue •
CVSS: 6.5EPSS: 3%CPEs: 1EXPL: 2CVE-2024-7595 – GRE and GRE6 Protocols (RFC2784) do not validate or verify the source of a network packet
https://notcve.org/view.php?id=CVE-2024-7595
05 Feb 2025 — GRE and GRE6 Protocols (RFC2784) do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can be considered similar to CVE-2020-10136. • https://github.com/PapayaJackal/ipeeyoupeewepee •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23018
https://notcve.org/view.php?id=CVE-2025-23018
14 Jan 2025 — IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136. • https://datatracker.ietf.org/doc/html/rfc2473 • CWE-940: Improper Verification of Source of a Communication Channel •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23019
https://notcve.org/view.php?id=CVE-2025-23019
14 Jan 2025 — IPv6-in-IPv4 tunneling (RFC 4213) allows an attacker to spoof and route traffic via an exposed network interface. • https://datatracker.ietf.org/doc/html/rfc4213 • CWE-940: Improper Verification of Source of a Communication Channel •
CVSS: 9.0EPSS: 0%CPEs: 36EXPL: 1CVE-2024-3596 – RADIUS Protocol under RFC2865 is vulnerable to forgery attacks.
https://notcve.org/view.php?id=CVE-2024-3596
09 Jul 2024 — RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. El protocolo RADIUS según RFC 2865 es susceptible a ataques de falsificación por parte de un atacante local que puede modificar cualquier respuesta válida (acceso-aceptación, acceso-rechazo o acceso-desafío) a cualquier otra respuesta... • https://github.com/alperenugurlu/CVE-2024-3596-Detector • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-328: Use of Weak Hash CWE-354: Improper Validation of Integrity Check Value CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-39920
https://notcve.org/view.php?id=CVE-2024-39920
03 Jul 2024 — The TCP protocol in RFC 9293 has a timing side channel that makes it easier for remote attackers to infer the content of one TCP connection from a client system (to any server), when that client system is concurrently obtaining TCP data at a slow rate from an attacker-controlled server, aka the "SnailLoad" issue. For example, the attack can begin by measuring RTTs via the TCP segments whose role is to provide an ACK control bit and an Acknowledgment Number. El protocolo TCP en RFC 9293 tiene un canal latera... • https://github.com/IAIK/SnailLoad • CWE-1255: Comparison Logic is Vulnerable to Power Side-Channel Attacks •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3661 – DHCP routing options can manipulate interface-based VPN traffic
https://notcve.org/view.php?id=CVE-2024-3661
06 May 2024 — DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN. Por diseño, el protocolo DHCP no autentica mensajes, incluida, por ejemplo, la opción de ruta estática sin clases (121). Un atacante con la capacidad de ... • https://github.com/a1xbit/DecloakingVPN • CWE-306: Missing Authentication for Critical Function CWE-501: Trust Boundary Violation •
CVSS: 7.8EPSS: 94%CPEs: 444EXPL: 17CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2021-27862 – L2 network filtering bypass using stacked VLAN0 and LLC/SNAP headers with an invalid length during Ethernet to Wifi frame translation
https://notcve.org/view.php?id=CVE-2021-27862
27 Sep 2022 — Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers). Las capacidades de filtrado de red de capa 2, como la protección RA de IPv6, pueden omitirse usando encabezados LLC/SNAP con una longitud no válida y la conversión de tramas de Ethernet a Wifi (y, opcionalmente, encabezados VLAN0) • https://blog.champtar.fr/VLAN0_LLC_SNAP • CWE-130: Improper Handling of Length Parameter Inconsistency CWE-290: Authentication Bypass by Spoofing •