Lucene search
K

53 matches found

Prion
Prion
added 2019/04/17 2:29 p.m.29 views

Default configuration

The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpasupplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful...

4.3CVSS5.9AI score0.03739EPSS
Exploits0References10Affected Software9
CVE
CVE
added 2019/04/17 1:31 p.m.252 views

CVE-2019-9495

CVE-2019-9495 affects hostapd and wpa_supplicant with EAP-pwd support; vulnerable due to cache access-pattern side-channel. Astra Linux and other sources reinforce that before 2.10, both hostapd and wpa_supplicant are affected. Impact: potential exposure via side-channel, capable of cracking weak...

4.3CVSS6.7AI score0.03449EPSS
Exploits0References10Affected Software2
Debian CVE
Debian CVE
added 2019/04/17 1:31 p.m.38 views

CVE-2019-9495

The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpasupplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful...

4.3CVSS6.7AI score0.03449EPSS
Exploits0
Debian CVE
Debian CVE
added 2019/04/17 1:31 p.m.30 views

CVE-2019-9494

The implementations of SAE in hostapd and wpasupplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both...

5.9CVSS6.5AI score0.03739EPSS
Exploits0
Cvelist
Cvelist
added 2019/04/17 1:31 p.m.41 views

CVE-2019-9495 The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns

The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpasupplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful...

6.6AI score0.03449EPSS
Exploits0References10
AlpineLinux
AlpineLinux
added 2019/04/17 1:31 p.m.37 views

CVE-2019-9494

The implementations of SAE in hostapd and wpasupplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both...

5.9CVSS6.5AI score0.03739EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2019/04/10 3:0 p.m.31 views

CVE-2019-9494

The implementations of SAE in hostapd and wpasupplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both...

5.9CVSS6.9AI score0.03739EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2019/04/10 3:0 p.m.29 views

CVE-2019-9495

The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpasupplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful...

4.3CVSS6.8AI score0.03449EPSS
Exploits0References3
NVD
NVD
added 2019/02/25 11:29 p.m.20 views

CVE-2019-6266

Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext...

9.8CVSS9.4AI score0.01203EPSS
Exploits0References1
Prion
Prion
added 2019/02/25 11:29 p.m.20 views

Code injection

Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext...

7.5CVSS9.3AI score0.01203EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/02/25 11:0 p.m.43 views

CVE-2019-6266

CVE-2019-6266 affects Cordaware bestinformed for Windows prior to version 6.2.1.0. Public sources describe insecure SSL certificate verification and insecure access patterns, which can allow remote attackers to downgrade encrypted connections to cleartext. Related CNVD entries for the same produc...

9.8CVSS9.3AI score0.01203EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/01/07 6:0 p.m.29 views

CVE-2019-5489

The mincore implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. Fixing this affects the output of the fincore program. Limited...

6.8AI score0.00774EPSS
Exploits1References32
Imperva Blog
Imperva Blog
added 2017/10/25 3:30 p.m.19 views

Detecting Data Breaches: Why Understanding Database Types Matters

Different data characteristics and access patterns found in different database systems lead to different ways of detecting suspicious data access, which are indicators of potential data breaches. To accurately detect data access abuse we need to classify the database processing type. Is it a...

6.9AI score
Exploits0
Rows per page
Query Builder