CVE-2023-50209 D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific.....
8.8CVSS
9.2AI Score
0.0005EPSS
CVE-2023-50204 D-Link G416 flupl pythonapp Command Injection Remote Code Execution Vulnerability
D-Link G416 flupl pythonapp Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific...
8.8CVSS
9.3AI Score
0.0005EPSS
CVE-2023-50202 D-Link G416 flupl pythonmodules Command Injection Remote Code Execution Vulnerability
D-Link G416 flupl pythonmodules Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The...
8.8CVSS
9.3AI Score
0.0005EPSS
CVE-2023-50198 D-Link G416 cfgsave Command Injection Remote Code Execution Vulnerability
D-Link G416 cfgsave Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw...
8.8CVSS
9.3AI Score
0.0005EPSS
D-Link DAP-2622 DDP Set Wireless Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
8.8CVSS
9.2AI Score
0.0005EPSS
D-Link DAP-2622 DDP Set Wireless Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
8.8CVSS
7.8AI Score
0.0005EPSS
D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
8.8CVSS
9.2AI Score
0.0005EPSS
D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
8.8CVSS
7.8AI Score
0.0005EPSS
kernel security, bug fix, and enhancement update
[5.14.0-427.13.1_4.OL9] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update...
9.8CVSS
7.5AI Score
0.003EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage 6.7.0-rc1-wt+ #333...
7.1AI Score
0.0004EPSS
Totolink AC1200 Wireless Dual Band Gigabit Router A3002R_V4 Firmware V4.0.0-B20230531.1404 is vulnerable to Buffer Overflow via the formWlEncrypt function of the boa server. Specifically, they exploit the length of the wlan_ssid field triggers the...
6.8AI Score
0.0004EPSS
Totolink AC1200 Wireless Dual Band Gigabit Router A3002R_V4 Firmware V4.0.0-B20230531.1404 is vulnerable to Buffer Overflow via the formWlEncrypt function of the boa server. Specifically, they exploit the length of the wlan_ssid field triggers the...
6.6AI Score
0.0004EPSS
Cisco Talos' Vulnerability Research team has disclosed more than a dozen vulnerabilities over the past three weeks, five in a device that allows employees to check in and out of their shifts, and another that exists in an open-source library used in medical device imaging files. The Peplink Smart.....
9.2AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage 6.7.0-rc1-wt+ #333...
7.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage 6.7.0-rc1-wt+...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage 6.7.0-rc1-wt+ #333...
6.4AI Score
0.0004EPSS
CVE-2024-27053 wifi: wilc1000: fix RCU usage in connect path
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage 6.7.0-rc1-wt+ #333...
6.6AI Score
0.0004EPSS
CVE-2024-27053 wifi: wilc1000: fix RCU usage in connect path
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage 6.7.0-rc1-wt+ #333...
7.7AI Score
0.0004EPSS
Wireless carriers fined $200 million after illegally sharing customer location data
After four years of investigation, the Federal Communications Commission (FCC) has concluded that four of the major wireless carriers in the US violated the law in sharing access to customers’ location data. The FCC fined AT&T, Sprint, T-Mobile, and Verizon a total of almost $200 million for...
6.8AI Score
Totolink AC1200 Wireless Dual Band Gigabit Router A3002R_V4 Firmware V4.0.0-B20230531.1404 is vulnerable to Buffer Overflow via the formWlEncrypt function of the boa server. Specifically, they exploit the length of the wlan_ssid field triggers the...
6.9AI Score
0.0004EPSS
Totolink AC1200 Wireless Dual Band Gigabit Router A3002R_V4 Firmware V4.0.0-B20230531.1404 is vulnerable to Buffer Overflow via the formWlEncrypt function of the boa server. Specifically, they exploit the length of the wlan_ssid field triggers the...
6.8AI Score
0.0004EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1480-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1480-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic...
7.8CVSS
8AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage 6.7.0-rc1-wt+ 333...
7.6AI Score
0.0004EPSS
(RHSA-2024:2583) Important: linux-firmware security update
The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): hw: intel: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi (CVE-2022-46329) For more details about the security issue(s), including the impact, a...
7.8AI Score
0.0004EPSS
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024
The U.K. National Cyber Security Centre (NCSC) is calling on manufacturers of smart devices to comply with new legislation that prohibits them from using default passwords, effective April 29, 2024. "The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act),...
7.5AI Score
RHEL 8 : linux-firmware (RHSA-2024:2583)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2583 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): * hw: intel:...
8.2CVSS
7.3AI Score
0.0004EPSS
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1466-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1466-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...
7.8CVSS
7.5AI Score
EPSS
FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data
The U.S. Federal Communications Commission (FCC) today levied fines totaling nearly $200 million against the four major carriers -- including AT&T, Sprint, T-Mobile and Verizon -- for illegally sharing access to customers' location information without consent. The fines mark the culmination of a...
7AI Score
Fedora 40 : iwd (2024-3fa713f2e0)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3fa713f2e0 advisory. The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain...
7.5CVSS
8AI Score
0.001EPSS
Fedora 40 : iwd / libell (2024-58c59bfa4c)
The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-58c59bfa4c advisory. The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access...
7.5CVSS
6.8AI Score
0.001EPSS
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1454-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1454-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: sprd: fix reference leak when pm_runtime_get_sync...
7.8CVSS
8AI Score
0.001EPSS
CentOS 9 : linux-firmware-20231030-141.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the linux- firmware-20231030-141.el9 build changelog. Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi (RHEL-14264) (CVE-2022-46329) Note that Nessus has not tested for...
8.2CVSS
6.9AI Score
0.0004EPSS
CentOS 9 : wpa_supplicant-2.10-5.el9
The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the wpa_supplicant-2.10-5.el9 build changelog. The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be...
6.5CVSS
7.1AI Score
0.001EPSS
AeroNet Wireless Unveils 10Gbps Internet Plan in Puerto Rico, Revolutionising Telecom Industry
By Cyber Newswire AeroNet Wireless is revolutionizing internet connectivity in Puerto Rico with the launch of its groundbreaking 10Gbps plan, the first of its kind on the island. This ultra-fast service offers businesses a significant leap in efficiency, productivity, and competitiveness. This is.....
7.3AI Score
An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup (versionCode='3', versionName='2.1)....
7.4AI Score
0.0004EPSS
A certain software build for the Sharp Rouvo V device (SHARP/VZW_STTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN0_0_530:user/release-keys) leaks the Wi-Fi MAC address and the Bluetooth MAC address to system properties that can be accessed by any local app on the device without any permissions or...
6.5AI Score
0.0004EPSS
A certain software build for the Sharp Rouvo V device (SHARP/VZW_STTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN0_0_530:user/release-keys) leaks the Wi-Fi MAC address and the Bluetooth MAC address to system properties that can be accessed by any local app on the device without any permissions or...
6.2AI Score
0.0004EPSS
An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup (versionCode='3', versionName='2.1)....
7.2AI Score
0.0004EPSS
An issue was discovered in a third-party component related to ro.boot.wifimacaddr, shipped on devices from multiple device manufacturers. Various software builds for the following TCL devices (30Z and 10L) and Motorola devices (Moto G Pure and Moto G Power) leak the Wi-Fi MAC address to a system...
6.6AI Score
0.0004EPSS
An issue was discovered in a third-party component related to ro.boot.wifimacaddr, shipped on devices from multiple device manufacturers. Various software builds for the following TCL devices (30Z and 10L) and Motorola devices (Moto G Pure and Moto G Power) leak the Wi-Fi MAC address to a system...
6.4AI Score
0.0004EPSS
A certain software build for the Sharp Rouvo V device (SHARP/VZW_STTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN0_0_530:user/release-keys) leaks the Wi-Fi MAC address and the Bluetooth MAC address to system properties that can be accessed by any local app on the device without any permissions or...
6.5AI Score
0.0004EPSS
An issue was discovered in a third-party component related to ro.boot.wifimacaddr, shipped on devices from multiple device manufacturers. Various software builds for the following TCL devices (30Z and 10L) and Motorola devices (Moto G Pure and Moto G Power) leak the Wi-Fi MAC address to a system...
6.6AI Score
0.0004EPSS
An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup (versionCode='3', versionName='2.1)....
7.4AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: wireshark-4.2.4-1.fc40
Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...
7.8CVSS
7AI Score
0.0004EPSS
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless...
5.8AI Score
0.0004EPSS
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless...
6AI Score
0.0004EPSS
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in WDS Settings under the Wireless...
5.8AI Score
0.0004EPSS
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in WDS Settings under the Wireless...
6AI Score
0.0004EPSS
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless...
6AI Score
0.0004EPSS
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1322-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...
7.8CVSS
8.4AI Score
EPSS