39 matches found
CVE-2021-1896
Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity...
Code injection
Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity...
CVE-2021-1896
The CVE-2021-1896 entry concerns Qualcomm Qualcomm Snapdragon components (Compute and Connectivity) with a weak WLAN configuration that could forward unencrypted packets between peers. Available sources from NVD and Red Hat, PRION, PT Security and others indicate the vulnerability affects Snapdra...
CVE-2021-1896
Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity...
PT-2021-13654 · Qualcomm · Snapdragon Connectivity +1
Name of the Vulnerable Software and Affected Versions: Snapdragon Compute, Snapdragon Connectivity affected versions not specified Description: A weak configuration in WLAN could cause the forwarding of unencrypted packets from one client to another. Recommendations: At the moment, there is no...
Internet Bug Bounty: IP-in-IP protocol routes arbitrary traffic by default - CVE-2020-10136
Many machines 150K-180K on the internet accept and route IP over IP by default. IP-in-IP encapsulation is a tunneling protocol specified in RFC 2003 that allows for IP packets to be encapsulated inside another IP packets. This is very similar to IPSEC VPNs in tunnel mode, except in the case of...
CVE-2019-16110
The network protocol of Blade Shadow though 2.13.3 allows remote attackers to take control of a Shadow instance and execute arbitrary code by only knowing the victim's IP address, because packet data can be injected into the unencrypted UDP packet stream...
FaceTime - readSPSandGetDecoderParams Stack Corruption
FaceTime - readSPSandGetDecoderParams Stack Corruption There are a variety of problems that occur when processing malformed H264 streams in readSPSandGetDecoderParams, leading to OOB read, OOB write and stackchk crashes. I think the root cause is stack corruption. This issue can occur if someone...
Information Disclosure Vulnerability in Multiple Cisco Products (CNVD-2017-33214)
Cisco IOS Software and so on are the products of the American Cisco Cisco company.Cisco IOS Software is a set of operating systems developed for the Cisco network equipment.DS 9222i Multiservice Modular Switch A switch device. An information disclosure vulnerability exists in the encryption...
CVE-2011-4667
The encryption library in Cisco IOS Software 15.21T, 15.21T1, and 15.22T, Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module before 5.26, and Cisco IOS in Cisco VPN Services Port Adaptor for...
CVE-2011-4667
The encryption library in Cisco IOS Software 15.21T, 15.21T1, and 15.22T, Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module before 5.26, and Cisco IOS in Cisco VPN Services Port Adaptor for...
CVE-2011-4667
Cisco reports a vulnerability in the encryption library used by Cisco IOS Software (15.2(1)T, 15.2(1)T1, 15.2(2)T), Cisco NX-OS on MDS 9222i, MDS 9000 modules, and Cisco IOS in VPN Services Port Adaptor for Catalyst 6500 (12.2(33)SXI/SXJ); affected sessions protected by IPsec could leak part of t...
CVE-2006-7180
ieee80211output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information related to network structure, and possibly cause a denial of service disrupted authentication and conduct spoofing attacks...
GLSA-200704-15 : MadWifi: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200704-15 MadWifi: Multiple vulnerabilities The driver does not properly process Channel Switch Announcement Information Elements, allowing for an abnormal channel change. The ieee80211input function does not properly handle AUTH...
MadWifi: Multiple vulnerabilities
Background The MadWifi driver provides support for Atheros based IEEE 802.11 Wireless Lan cards. Description The driver does not properly process Channel Switch Announcement Information Elements, allowing for an abnormal channel change. The ieee80211input function does not properly handle AUTH...
CVE-2006-7180
ieee80211output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information related to network structure, and possibly cause a denial of service disrupted authentication and conduct spoofing attacks...
CVE-2006-7180
ieee80211output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information related to network structure, and possibly cause a denial of service disrupted authentication and conduct spoofing attacks...
CVE-2006-7180
ieee80211output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information related to network structure, and possibly cause a denial of service disrupted authentication and conduct spoofing attacks...
CVE-2006-7180
CVE-2006-7180 affects the MadWifi driver (ieee80211_output.c) prior to 0.9.3, where unencrypted 802.11 frames can be observed before WPA authentication completes. Public sources in the connected documents describe this as enabling remote attackers to obtain sensitive information related to networ...