
7 matches found

SUSE CVE
added 2023/02/15 5:44 a.m. · 1 views

SUSE CVE-2012-4445

Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "Mor...

CVSS 4.3 · AI score 7 · EPSS 0.05318
Exploits: 0 · References: 3
Tenable Nessus
added 2020/01/02 12:0 a.m. · 44 views

EulerOS 2.0 SP8 : wpa_supplicant (EulerOS-SA-2020-1036)

According to the versions of the wpa_supplicant package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in...

CVSS 8.1 · AI score 6.5 · EPSS 0.11468
Exploits: 0 · References: 5
CVE
added 2019/04/17 1:31 p.m. · 235 views

CVE-2019-9498

CVE-2019-9498 concerns the EAP-PWD implementation in hostapd EAP Server and the EAP-pwd support in wpa_supplicant with SAE. The issue: when built against crypto libraries that do not validate imported elements, the scalar and element values presented in EAP-pwd-Commit are not validated. An attack...

CVSS 8.1 · AI score 7.9 · EPSS 0.00794
Exploits: 0 · References: 9 · Affected Software: 2
Cvelist
added 2019/04/17 1:31 p.m. · 25 views

CVE-2019-9498 The implementations of EAP-PWD in hostapd EAP Server do not validate the scalar and element values in EAP-pwd-Commit

The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication,...

AI score 7.9 · EPSS 0.00794
Exploits: 0 · References: 9
Veracode
added 2019/01/15 9:8 a.m. · 23 views

Denial Of Service (DoS)

JBoss EAP is vulnerable to denial of service. It was found that JBoss EAP did not properly authorize a user performing a shutdown. A remote user with the Monitor, Deployer, or Auditor role could use this flaw to shut down the EAP server, which is an action restricted to admin users...

CVSS 3.5 · AI score 8.8 · EPSS 0.01287
Exploits: 0 · References: 28 · Affected Software: 77
OSV
added 2012/10/10 6:55 p.m. · 4 views

CVE-2012-4445

Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "Mor...

AI score 7
Exploits: 0 · References: 12
Positive Technologies
added 2012/10/10 12:0 a.m. · 1 views

PT-2012-1046 · Debian · Hostapd

Name of the Vulnerable Software and Affected Versions: hostapd versions 0.6 through 1.0 Description: The issue concerns multiple vulnerabilities in the hostapd package of the Debian GNU/Linux operating system, which can be exploited remotely to disrupt the availability of protected information...

CVSS 4.3 · AI score 7 · EPSS 0.05318
Exploits: 0 · References: 18