Lucene search
K

24 matches found

EUVD
EUVD
added 2026/01/29 9:42 p.m.6 views

EUVD-2026-4944

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

6.9CVSS6.3AI score0.00517EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/01/29 9:42 p.m.6 views

CVE-2026-25061

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

7.5CVSS6AI score0.00517EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.1 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-394752)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-394752 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for...

5.5CVSS6.3AI score0.00261EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/04/01 3:47 p.m.11 views

CVE-2025-21979

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel wiphywork before freeing wiphy A wiphywork can be queued from the moment the wiphy is allocated and initialized i.e. wiphynewnm. When a wiphywork is queued, the rdev::wiphywork is getting queued. If wiphyfr...

7.8CVSS6AI score0.00187EPSS
Exploits0
OSV
OSV
added 2025/02/27 2:7 a.m.6 views

CVE-2025-21730 wifi: rtw89: avoid to init mgnt_entry list twice when WoWLAN failed

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid to init mgntentry list twice when WoWLAN failed If WoWLAN failed in resume flow, the rtw89opsaddinterface triggered without removing the interface first. Then the mgntentry list init again, causing the listempt...

5.5CVSS5.7AI score0.00168EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/11/21 7:14 p.m.12 views

CVE-2024-50236

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during management packet TX but this memory is not being freed during management TX completion. Similar leaks a...

5.5CVSS6.6AI score0.00261EPSS
Exploits0References4
OSV
OSV
added 2024/11/09 11:15 a.m.3 views

DEBIAN-CVE-2024-50236

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during management packet TX but this memory is not being freed during management TX completion. Similar leaks a...

5.5CVSS5.7AI score0.00261EPSS
Exploits0References1
OSV
OSV
added 2024/04/02 7:15 a.m.2 views

UBUNTU-CVE-2024-26682

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: improve CSA/ECSA connection refusal As mentioned in the previous commit, we pretty quickly found that some APs have ECSA elements stuck in their probe response, so using that to not attempt to connect while CSA is...

5.5CVSS5.7AI score0.00193EPSS
Exploits0References5
OSV
OSV
added 2024/01/15 2:15 a.m.6 views

CVE-2024-0532

A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects the function setrepeat5 of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of the argument wpapskcrypto24g/wpapskcrypto5g leads to...

7.2CVSS6.5AI score0.01761EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/06/29 12:0 a.m.6 views

Ucopia 安全漏洞

Ucopia Express is a device used for Wifi management by the French company Ucopia. A security vulnerability exists in Ucopia versions prior to 6.0.13, which stems from an SSH server with insecure privileges...

7.5CVSS7.3AI score0.00734EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.11 views

SUSE CVE-2022-47519

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211P2PATTROPERCHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frame...

7.8CVSS6.7AI score0.00298EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2022/12/23 8:0 a.m.5 views

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi management frames.

...

7.8CVSS7.1AI score0.00335EPSS
Exploits0
OSV
OSV
added 2022/12/18 6:15 a.m.1 views

UBUNTU-CVE-2022-47521

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211P2PATTRCHANNELLIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi...

7.8CVSS6.9AI score0.00335EPSS
Exploits0References13
CNNVD
CNNVD
added 2022/12/18 12:0 a.m.9 views

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel prior to version 6.0.11, which stems from a lack of validation of the IEEE80211P2PATTROPER CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211....

7.8CVSS6.6AI score0.00298EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2022/11/24 12:0 a.m.8 views

PT-2022-6042 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.11 Description: The issue is related to the WILC1000 wireless driver in the Linux kernel, specifically with the missing validation of IEEE80211 P2P ATTR OPER CHANNEL in the cfg80211.c file. This can trigger ...

9.8CVSS8.1AI score0.71737EPSS
Exploits201References1057
CNVD
CNVD
added 2021/03/30 12:0 a.m.3 views

Weak password vulnerability in CPE-WiFi management platform of Shenzhen Sidetech Co.

Ltd. is a high-tech enterprise that provides a full line of products required for mainstream access network technology. There is a weak password vulnerability in the CPE-WiFi management platform of Shenzhen Xidit Technology Co. Ltd, which can be exploited by attackers to obtain sensitive...

7AI score
Exploits0
seebug.org
seebug.org
added 2017/11/09 12:0 a.m.40 views

Circle with Disney WiFi Security Downgrade Vulnerability(CVE-2017-12096)

Summary An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted Access Point with the same name as the legitimate one, can be used to make Circle connect to an untrusted network. An attacker needs to setup an Access Point reachable by the device and to send a...

6.3AI score0.00679EPSS
Exploits2
NVD
NVD
added 2017/11/07 4:29 p.m.17 views

CVE-2017-12096

An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted Access Point with the same name as the legitimate one can be used to make Circle connect to an untrusted network. An attacker needs to setup an Access Point reachable by the device and to send a series of...

6.5CVSS6.3AI score0.00679EPSS
Exploits2References1
Prion
Prion
added 2017/11/07 4:29 p.m.16 views

Design/Logic Flaw

An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted Access Point with the same name as the legitimate one can be used to make Circle connect to an untrusted network. An attacker needs to setup an Access Point reachable by the device and to send a series of...

6.1CVSS6.3AI score0.00679EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2017/11/07 4:0 p.m.22 views

CVE-2017-12096

An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted Access Point with the same name as the legitimate one can be used to make Circle connect to an untrusted network. An attacker needs to setup an Access Point reachable by the device and to send a series of...

6.5CVSS6.3AI score0.00679EPSS
Exploits2References1
Rows per page
Query Builder