Lucene search
K

332 matches found

BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.11 views

The vulnerability of the gweb component of the Connection dispatcher, related to writing outside of the allocated memory range, allows a hacker to execute arbitrary code.

The vulnerability of the gweb component of the Connman connection controller is related to writing beyond the boundaries of a reserved memory range. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.02392EPSS
Exploits0References10Affected Software6
Tenable Nessus
Tenable Nessus
added 2022/10/11 12:0 a.m.38 views

Debian dla-3144 : connman - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3144 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3144-1 [email protected]...

9.1CVSS7.9AI score0.02598EPSS
Exploits3References10
OpenVAS
OpenVAS
added 2022/10/11 12:0 a.m.25 views

Debian: Security Advisory (DLA-3144-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.5AI score0.02598EPSS
Exploits3References4
Debian
Debian
added 2022/10/10 6:9 p.m.41 views

[SECURITY] [DLA 3144-1] connman security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3144-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 10, 2022 https://wiki.debian.org/LTS -...

9.1CVSS9.5AI score0.02598EPSS
Exploits3
OSV
OSV
added 2022/10/10 12:0 a.m.21 views

DLA-3144-1 connman - security update

Bulletin has no description...

9.1CVSS8.3AI score0.02598EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2022/10/01 12:0 a.m.50 views

openSUSE 15 Security Update : connman (openSUSE-SU-2022:10134-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10134-1 advisory. - In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer...

9.8CVSS8.7AI score0.02392EPSS
Exploits0References7
OSV
OSV
added 2022/09/30 3:42 p.m.3 views

OPENSUSE-SU-2022:10134-1 Security update for connman

This update for connman fixes the following issues: - CVE-2022-32292: Add refcounting to wispr portal detection to avoid heap overflow boo1200190 - CVE-2022-32292: Fix OOB write in receiveddata boo1200189...

9.8CVSS9AI score0.02392EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2022/09/30 12:0 a.m.37 views

Security update for connman (critical)

openSUSE Security Update: Security update for connman Announcement ID: openSUSE-SU-2022:10134-1 Rating: critical References: 1200189 1200190 Cross-References: CVE-2022-32292 CVE-2022-32293 CVSS scores: CVE-2022-32292 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-32293 NVD : 8.1...

9.8CVSS9.6AI score0.02392EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/09/20 12:0 a.m.35 views

Debian DSA-5231-1 : connman - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5231 advisory. Several vulnerabilities were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary...

9.8CVSS8.1AI score0.02598EPSS
Exploits3References14
OpenVAS
OpenVAS
added 2022/09/20 12:0 a.m.20 views

Debian: Security Advisory (DSA-5231-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.02598EPSS
Exploits3References4
Debian
Debian
added 2022/09/17 3:55 p.m.62 views

[SECURITY] [DSA 5231-1] connman security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5231-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 17, 2022 https://www.debian.org/security/faq -...

9.8CVSS9.5AI score0.02598EPSS
Exploits3
OSV
OSV
added 2022/09/17 12:0 a.m.33 views

DSA-5231-1 connman - security update

Bulletin has no description...

9.8CVSS8.4AI score0.02598EPSS
Exploits3
OpenVAS
OpenVAS
added 2022/09/14 12:0 a.m.22 views

Debian: Security Advisory (DLA-3105-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.02392EPSS
Exploits0References3
Debian
Debian
added 2022/09/13 8:33 a.m.42 views

[SECURITY] [DLA 3105-1] connman security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3105-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb September 13, 2022 https://wiki.debian.org/LTS -...

9.8CVSS9.7AI score0.02392EPSS
Exploits0
OSV
OSV
added 2022/09/13 12:0 a.m.29 views

DLA-3105-1 connman - security update

Bulletin has no description...

9.8CVSS8.8AI score0.02392EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/09/13 12:0 a.m.33 views

Debian dla-3105 : connman - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3105 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3105-1 [email protected]...

9.8CVSS8.3AI score0.02392EPSS
Exploits0References6
Zero Day Initiative
Zero Day Initiative
added 2022/09/08 12:0 a.m.36 views

(Pwn2Own) ConnMan wispr_portal_web_result wp_object Double Free Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ConnMan. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wisprportalwebresult method. The issue results from the lack of validating the...

6.3CVSS2.2AI score0.0152EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2022/09/08 12:0 a.m.84 views

(Pwn2Own) ConnMan received_data Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installation of ConnMan. Authentication is not required to exploit this vulnerability. The specific flaw exists within the receiveddata method. Crafted data in a HTTP response can trigger a write past the e...

6.3CVSS1.4AI score0.02392EPSS
Exploits0References1
OSV
OSV
added 2022/09/07 5:27 a.m.7 views

MGASA-2022-0319 Updated connman packages fix security vulnerability

In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in receiveddata to execute code. CVE-2022-32292 In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a...

9.8CVSS9.2AI score0.02392EPSS
Exploits0References3
Mageia
Mageia
added 2022/09/07 5:27 a.m.46 views

Updated connman packages fix security vulnerability

In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in receiveddata to execute code. CVE-2022-32292 In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a...

9.8CVSS3.4AI score0.02392EPSS
Exploits0References2
Rows per page
Query Builder