2078 matches found
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
...
USN-5250-1 strongswan vulnerability
Zhuowei Zhang discovered that stringSwan incorrectly handled EAP authentication. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly bypass client and server authentication...
Xerces 安全漏洞
Xerces is an organization promoted by Apache an XML document parsing open source project . A denial of service vulnerability exists in the XML parser in Apache Xerces Java version 2.12.1 and prior versions, which stems from a failure to properly handle incoming error messages, and can be exploite...
GHSA-75VW-3M5V-FPRH corenlp is vulnerable to Improper Restriction of XML External Entity Reference
corenlp is vulnerable to Improper Restriction of XML External Entity Reference...
CVE-2022-0239
corenlp is vulnerable to Improper Restriction of XML External Entity Reference...
ALPINE-CVE-2022-23304
The implementations of EAP-pwd in hostapd before 2.10 and wpasupplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495...
AZL-7748 CVE-2022-23304 affecting package wpa_supplicant for versions less than 2.10-1
The implementations of EAP-pwd in hostapd before 2.10 and wpasupplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495...
EAP-pwd 加密问题漏洞
EAP-pwd is an EAP authentication method that uses a shared password for authentication. A cryptographic issue vulnerability exists in EAP-pwd that stems from a cache access mode error in the hostapd and wpa supplicant components of the product. An attacker could use this vulnerability to launch a...
corenlp 代码问题漏洞
Stanford CoreNlp is a set of open source, natural language analysis tools written in Java by the Stanford Nlp Group team. A code issue vulnerability exists in corenlp that stems from the vulnerability of corenlp to improper restrictions on XML external entity references...
The vulnerability in the open-source development environment for UEFI edk2, related to pointer swapping errors, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability in the open-source development environment for UEFI edk2 is related to pointer swapping errors. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...
CVE-2022-22170
A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service DoS by sending specific packets over VXLAN which cause heap memory to leak and on...
CVE-2022-22171
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service DoS by sending specific packets over VXLAN which cause the PFE to reset. This issue...
Mozilla: Iframe sandbox bypass with XSLT
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to construct specific XSLT markups that would enable someone to bypass an iframe sandbox...
Mozilla: Iframe sandbox bypass with XSLT
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to construct specific XSLT markups that would enable someone to bypass an iframe sandbox...
Mozilla: Iframe sandbox bypass with XSLT
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to construct specific XSLT markups that would enable someone to bypass an iframe sandbox...
Mozilla: Iframe sandbox bypass with XSLT
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to construct specific XSLT markups that would enable someone to bypass an iframe sandbox...
Mozilla: Iframe sandbox bypass with XSLT
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to construct specific XSLT markups that would enable someone to bypass an iframe sandbox...
Juniper Networks Junos OS 代码问题漏洞
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS contains a code issue vulnerability that originates from a memory leak in the Packet Forwarding...
Juniper Networks Junos OS 代码问题漏洞
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS contains a code issue vulnerability that originates from a memory leak in the Packet Forwarding...
CVE-2022-21899
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability...