Every CVE whose affected-product data names Kame Racoon, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2004-0607 — CVSS 10.0 (critical): The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow…
CVE-2004-0155 — CVSS 7.5 (high): The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA…
CVE-2004-0164 — CVSS 5.0 (medium): KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain…
CVE-2004-0392 — CVSS 5.0 (medium): racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message…
CVE-2004-0403 — CVSS 5.0 (medium): Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length…
CVE-2005-0398 — CVSS 5.0 (medium): The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.