637 matches found
The vulnerability of the NTP synchronization protocol implementation in WireGuard’s Windows-based VPN service allows a perpetrator to induce a service failure.
The vulnerability of the NTP synchronization protocol implementation in WireGuard’s Windows-based VPN service is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service failures...
CVE-2021-46873
WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...
CVE-2021-46873
WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...
CVE-2021-46873
WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...
Design/Logic Flaw
WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...
UBUNTU-CVE-2021-46873
WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...
pfSense-pkg-WireGuard 安全漏洞
pfSense-pkg-WireGuard is a VPN component for pfSense from pfSense Open Source. A security vulnerability exists in pfSense-pkg-WireGuard version 0.5.3, which stems from not considering the possibility that the system time is set to a future value, resulting in a permanently invalid static private...
CVE-2021-46873
CVE-2021-46873 concerns WireGuard (e.g., WireGuard 0.5.3 on Windows) where an attacker could force a victim’s system time forward (e.g., via unauthenticated NTP). The result is that one static private key may become permanently useless. The connected documents confirm the affected component and t...
CVE-2021-46873
WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...
CVE-2021-46873
WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...
kernel: wireguard: socket: free skb in send6 when ipv6 is disabled
A flaw was found in the WireGuard module in the Linux kernel. A memory leak can occur due to a missing memory release when the IPv6 CONFIGIPV6 support is disabled, potentially impacting system performance and possibly resulting in a denial of service...
wireguard-tools bug fix and enhancement update
An update is available for wireguard-tools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
CVE-2022-35270
A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...
PT-2022-22674 · Robustel · Robustel R1510
Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. It can be triggered by a specially-crafted network request, allowing an attacker to send a sequence of...
GSD-2022-1006587 wireguard: netlink: avoid variable-sized memcpy on sockaddr
wireguard: netlink: avoid variable-sized memcpy on sockaddr This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.146 by commit...
GSD-2022-1006561 wireguard: netlink: avoid variable-sized memcpy on sockaddr
wireguard: netlink: avoid variable-sized memcpy on sockaddr This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.71 by commit...
GSD-2022-1006521 wireguard: netlink: avoid variable-sized memcpy on sockaddr
wireguard: netlink: avoid variable-sized memcpy on sockaddr This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.12 by commit...
GSD-2022-1006477 wireguard: netlink: avoid variable-sized memcpy on sockaddr
wireguard: netlink: avoid variable-sized memcpy on sockaddr This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0 by commit...
PT-2022-34777 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.12 Description: The issue concerns a potential security vulnerability in the Linux Kernel related to the wireguard netlink, specifically involving a variable-sized memcpy on sockaddr. The actual impact and...
PT-2022-34817 · Wireguard +1 · Wireguard +1
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.71 Description: The issue concerns a potential security vulnerability in the netlink component of WireGuard, related to a variable-sized memcpy on sockaddr. The actual impact and attack plausibility have n...