Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedhatCVE
RedhatCVEadded 2020/04/29 3:10 p.m.35 views

CVE-2019-9498

A flaw was found in wpasupplicant. An attack using invalid scalar/element values is possible against the EAP-pwd server since hostapd and wpasupplicant did not validate these values in the received EAP-pwd-Commit messages. When processing an EAP-pwd Commit frame, the peer's scalar and element...

8.1CVSS3AI score0.00794EPSS
Exploits0References4
BDU FSTEC
BDU FSTECadded 2019/06/06 12:0 a.m.2 views

The vulnerability of the wpa_supplicant component of the EAP-PWD protocol in wireless communication devices certified by WPA allows a perpetrator to compromise the integrity and confidentiality of data or cause service failures due to improper use of privileges.

The vulnerability of the wpasupplicant component of the EAP-PWD protocol in wireless communication devices certified by WPA is related to incorrect validation of scalar values and values of elements in the “EAP-pwd-Commit” section of imported elements. Exploiting this vulnerability allows a...

8.1CVSS6.9AI score0.00794EPSS
Exploits0References12Affected Software6
Tenable Nessus
Tenable Nessusadded 2019/04/30 12:0 a.m.27 views

SUSE SLED15 / SLES15 Security Update : freeradius-server (SUSE-SU-2019:1086-1)

This update for freeradius-server fixes the following issues : Security issues fixed : CVE-2019-11235: Fixed an authentication bypass related to the EAP-PWD Commit frame and insufficent validation of elliptic curve points bsc1132549. CVE-2019-11234: Fixed an authentication bypass caused by...

9.8CVSS7.6AI score0.25852EPSS
Exploits0References7
Tenable Nessus
Tenable Nessusadded 2019/04/26 12:0 a.m.36 views

SUSE SLES12 Security Update : freeradius-server (SUSE-SU-2019:1039-1)

This update for freeradius-server fixes the following issues : Security issues fixed : CVE-2019-11235: Fixed an authentication bypass related to the EAP-PWD Commit frame and insufficent validation of elliptic curve points bsc1132549. CVE-2019-11234: Fixed an authentication bypass caused by...

9.8CVSS7.6AI score0.25852EPSS
Exploits0References7
OSV
OSVadded 2019/04/25 12:57 p.m.6 views

SUSE-SU-2019:1039-1 Security update for freeradius-server

This update for freeradius-server fixes the following issues: Security issues fixed: - CVE-2019-11235: Fixed an authentication bypass related to the EAP-PWD Commit frame and insufficent validation of elliptic curve points bsc1132549. - CVE-2019-11234: Fixed an authentication bypass caused by...

9.8CVSS9.7AI score0.25852EPSS
Exploits0References5
Debian CVE
Debian CVEadded 2019/04/17 1:31 p.m.32 views

CVE-2019-9497

The implementations of EAP-PWD in hostapd EAP Server and wpasupplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not...

8.1CVSS8AI score0.11468EPSS
Exploits0
Rows per page
Query Builder