Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-28389

Malicious code in bioql PyPI...

9.8CVSS7.4AI score0.01903EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/01/19 12:0 a.m.57 views

Slackware Linux 14.0 / 14.1 / 14.2 / current wpa_supplicant Multiple Vulnerabilities (SSA:2022-019-01)

The version of wpasupplicant installed on the remote host is prior to 2.10 / 2.9. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-019-01 advisory. - The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result ...

9.8CVSS7AI score0.03739EPSS
Exploits0References3
OSV
OSV
added 2022/01/17 2:15 a.m.1 views

DEBIAN-CVE-2022-23304

The implementations of EAP-pwd in hostapd before 2.10 and wpasupplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495...

9.8CVSS8.1AI score0.01903EPSS
Exploits0References1
Prion
Prion
added 2022/01/17 2:15 a.m.33 views

Default configuration

The implementations of EAP-pwd in hostapd before 2.10 and wpasupplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495...

6.8CVSS5.8AI score0.03449EPSS
Exploits0References3Affected Software3
Debian CVE
Debian CVE
added 2022/01/17 12:0 a.m.55 views

CVE-2022-23304

The implementations of EAP-pwd in hostapd before 2.10 and wpasupplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495...

9.8CVSS2.4AI score0.01903EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2022/01/17 12:0 a.m.61 views

CVE-2022-23304

The implementations of EAP-pwd in hostapd before 2.10 and wpasupplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495...

9.8CVSS6.5AI score0.01903EPSS
Exploits0
Rosalinux
Rosalinux
added 2021/07/02 6:21 p.m.47 views

Advisory ROSA-SA-2021-1998

Software: wpasupplicant 2.6 OS: Cobalt 7.9 CVE-ID: CVE-2017-13084 CVE-Crit: MEDIUM CVE-DESC: Wi-Fi Protected Access WPA and WPA2 allows the Station-to-Station-Link STSL temporary key STK to be reassigned during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or...

8.1CVSS7.2AI score0.05372EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/02/16 12:0 a.m.41 views

openSUSE: Security Advisory for hostapd (openSUSE-SU-2020:0222-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.5AI score0.05372EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2020/02/02 2:43 p.m.35 views

CVE-2019-9495

A flaw was found in wpasupplicant. Side channel attacks were recently discovered in the SAE implementations used by both hostapd and wpasupplicant. EAP-pwd uses a similar design for deriving PWE from the password and while a specific attack against EAP-pwd is not yet known to be tested, there is ...

7.5CVSS0.9AI score0.03449EPSS
Exploits0References4
Debian
Debian
added 2019/07/31 10:10 p.m.107 views

[SECURITY] [DLA 1867-1] wpa security update

Package : wpa Version : 2.3-1+deb8u8 CVE ID : CVE-2019-9495 CVE-2019-9497 CVE-2019-9498 CVE-2019-9499 CVE-2019-11555 Debian Bug : 927463 Several vulnerabilities were discovered in WPA supplicant / hostapd. Some of them could only partially be mitigated, please read below for details. CVE-2019-949...

8.1CVSS6.8AI score0.05372EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.31 views

Fedora 30 : hostapd (2019-eba1109acd)

Update to version 2.7 from upstream Security fix for CVE-2019-9494 cache attack against SAE Security fix for CVE-2019-9495 cache attack against EAP-pwd Security fix for CVE-2019-9496 SAE confirm missing state validation in hostapd/AP Security fix for CVE-2019-9497 EAP-pwd server not checking for...

8.1CVSS6.8AI score0.05372EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.38 views

Fedora 30 : 1:wpa_supplicant (2019-ca49dfd42f)

include fix for : CVE-2019-9494 CVE-2019-9495 CVE-2019-9496 CVE-2019-9497 CVE-2019-9498 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

8.1CVSS6.8AI score0.05372EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/04/24 12:0 a.m.37 views

Fedora 29 : hostapd (2019-f409af9fbe)

Update to version 2.7 from upstream Security fix for CVE-2019-9494 cache attack against SAE Security fix for CVE-2019-9495 cache attack against EAP-pwd Security fix for CVE-2019-9496 SAE confirm missing state validation in hostapd/AP Security fix for CVE-2019-9497 EAP-pwd server not checking for...

8.1CVSS6.8AI score0.05372EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2019/04/24 12:0 a.m.38 views

Fedora 28 : hostapd (2019-d03bae77f5)

Update to version 2.7 from upstream Security fix for CVE-2019-9494 cache attack against SAE Security fix for CVE-2019-9495 cache attack against EAP-pwd Security fix for CVE-2019-9496 SAE confirm missing state validation in hostapd/AP Security fix for CVE-2019-9497 EAP-pwd server not checking for...

8.1CVSS6.8AI score0.05372EPSS
Exploits0References7
NVD
NVD
added 2019/04/17 2:29 p.m.26 views

CVE-2019-9495

The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpasupplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful...

4.3CVSS6.1AI score0.03449EPSS
Exploits0References10
CVE
CVE
added 2019/04/17 1:31 p.m.252 views

CVE-2019-9495

CVE-2019-9495 affects hostapd and wpa_supplicant with EAP-pwd support; vulnerable due to cache access-pattern side-channel. Astra Linux and other sources reinforce that before 2.10, both hostapd and wpa_supplicant are affected. Impact: potential exposure via side-channel, capable of cracking weak...

4.3CVSS6.7AI score0.03449EPSS
Exploits0References10Affected Software2
Cvelist
Cvelist
added 2019/04/17 1:31 p.m.41 views

CVE-2019-9495 The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns

The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpasupplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful...

6.6AI score0.03449EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2019/04/17 1:31 p.m.33 views

CVE-2019-9495

The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpasupplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful...

4.3CVSS6.7AI score0.03449EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/04/11 12:0 a.m.51 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : wpa_supplicant and hostapd vulnerabilities (USN-3944-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3944-1 advisory. It was discovered that wpasupplicant and hostapd were vulnerable to a side channel attack against EAP- pwd. A remote attacker cou...

8.1CVSS6.6AI score0.05372EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2019/04/11 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-3944-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.4AI score0.05372EPSS
Exploits0References2
Rows per page
Query Builder