DEBIAN-CVE-2023-52161

The Access Point functionality in eapolauthkeyhandle in eapol.c in iNet wireless daemon IWD before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key...

ALPINE-CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

UBUNTU-CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

[SECURITY] Fedora 39 Update: caddy-2.7.6-1.fc39

Caddy is an extensible server platform that uses TLS by default...

The vulnerability of the PEAP (Protected Extensible Authentication Protocol) client implementation of the Wi-Fi Protected Access Point software WPA Supplicant allows a hacker to intercept the unencrypted user traffic.

The vulnerability of the PEAP Protected Extensible Authentication Protocol client Wi-Fi access control implementation, such as WPA Supplicant, arises due to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to intercept unencrypted user traffic by...

SUSE CVE-2023-49721

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot...

SUSE CVE-2023-52161

The Access Point functionality in eapolauthkeyhandle in eapol.c in iNet wireless daemon IWD before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key...

CVE-2023-49721

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot...

EDK2 Security Vulnerability

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. EDK2 suffers from a security vulnerability that stems from allowing insecure default settings that allow an attacker to bypass secure boot...

CVE-2024-24743

SAP NetWeaver AS Java CAF - Guided Procedures - version 7.50, allows an unauthenticated attacker to submit a malicious request with a crafted XML file over the network, which when parsed will enable him to access sensitive files and data but not modify them. There are expansion limits in place so...

SAP NetWeaver AS Code Issue Vulnerability

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides web services, but is also the basic platform for SAP software. A code issue vulnerability exists in SAP NetWeaver AS Java version 7.50, which arises from a vulnerability that allows an unauthenticated attacker to...

The vulnerability of the Qualys Policy Compliance Connector Plugin lies in the improper restriction of XML links to external objects, which allows attackers to perform XXE attacks.

The vulnerability of the Qualys Policy Compliance Connector Plugin is related to an incorrect limitation on XML links to external objects. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute XXE attacks using specially created XML code...

santuario: Private Key disclosure in debug-log output

All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled. Users are recommended to...

CVE-2023-4503

An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server...

Amazon Linux 2 : python3-jinja2 (ALAS-2024-2437)

The version of python3-jinja2 installed on the remote host is prior to 2.7.2-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2437 advisory. Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. ...

[SECURITY] Fedora 38 Update: libebml-1.4.5-1.fc38

Extensible Binary Meta Language access library A library for reading and writing files with the Extensible Binary Meta Language, a binary pendant to XML...

[SECURITY] Fedora 39 Update: libebml-1.4.5-1.fc39

Extensible Binary Meta Language access library A library for reading and writing files with the Extensible Binary Meta Language, a binary pendant to XML...

ALPINE-CVE-2023-52426

libexpat through 2.5.0 allows recursive XML Entity Expansion if XMLDTD is undefined at compile time...

OpenText AppBuilder Code Issue Vulnerability

OpenText AppBuilder is an application from OpenText Canada. A security vulnerability exists in OpenText AppBuilder versions 21.2 through 23.2, which originates from XML External Entity Injection and allows server-side requests to forge, probe system files...

libxml2: NULL dereference in xmlSchemaFixupComplexType

A NULL pointer dereference vulnerability was found in libxml2. This issue occurs when parsing invalid XML schemas...