180 matches found
CVE-2025-50159
Use after free in Remote Access Point-to-Point Protocol PPP EAP-TLS allows an authorized attacker to elevate privileges locally...
CVE-2025-50159 Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability
...
CVE-2025-50159 Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability
...
Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability
Use after free in Remote Access Point-to-Point Protocol PPP EAP-TLS allows an authorized attacker to elevate privileges locally...
PT-2025-32782 · Unknown +1 · Ppp Eap-Tls +1
Name of the Vulnerable Software and Affected Versions: Remote Access Point-to-Point Protocol PPP EAP-TLS affected versions not specified Description: A use after free issue exists in Remote Access Point-to-Point Protocol PPP EAP-TLS. This allows a locally authorized attacker to elevate privileges...
CVE-2008-1113
Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol PEAP, does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle MITM attacks...
strongSwan Security Vulnerabilities
strongSwan is an open source IPsec-based VPN solution for use on Linux platforms by Andreas Steffen, an individual developer in Switzerland. The solution includes authentication mechanisms such as X.509 public key certificates, secure storage of private keys, and smart cards. A security...
ALPINE-CVE-2023-52160
The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...
DEBIAN-CVE-2023-52161
The Access Point functionality in eapolauthkeyhandle in eapol.c in iNet wireless daemon IWD before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key...
UBUNTU-CVE-2023-52160
The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...
The vulnerability of the PEAP (Protected Extensible Authentication Protocol) client implementation of the Wi-Fi Protected Access Point software WPA Supplicant allows a hacker to intercept the unencrypted user traffic.
The vulnerability of the PEAP Protected Extensible Authentication Protocol client Wi-Fi access control implementation, such as WPA Supplicant, arises due to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to intercept unencrypted user traffic by...
SUSE CVE-2023-52161
The Access Point functionality in eapolauthkeyhandle in eapol.c in iNet wireless daemon IWD before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key...
CVE-2023-4503
An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server...
eap-galleon: custom provisioning creates unsecured http-invoker
An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server...
CVE-2023-36028
Microsoft Protected Extensible Authentication Protocol PEAP Remote Code Execution Vulnerability...
CVE-2023-36028 Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
...
CVE-2023-36028 Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
...
PT-2023-6924 · Microsoft · Peap +1
Name of the Vulnerable Software and Affected Versions: Microsoft Protected Extensible Authentication Protocol PEAP affected versions not specified Description: The issue is related to insufficient input validation in the implementation of the Protected Extensible Authentication Protocol PEAP in...
KB5032197: Windows 10 Version 1607 and Windows Server 2016 Security Update (November 2023)
The remote Windows host is missing security update 5032197. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-36402 - Windows Pragmatic General Multicast PGM Remote Code Execution Vulnerability...
KB5032189: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (November 2023)
The remote Windows host is missing security update 5032189. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-36402 - Windows Pragmatic General Multicast PGM Remote Code Execution Vulnerability...