Lucene search
K

10 matches found

OSV
OSV
added 2026/02/28 12:44 p.m.7 views

OESA-2026-1439 wpa_supplicant security update

wpasupplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. It is suitable for both desktop/laptop computers and embedded systems. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key...

3.7CVSS5.9AI score0.00716EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.3 views

SUSE CVE-2015-4146

The EAP-pwd peer implementation in hostapd and wpasupplicant 1.0 through 2.4 does not clear the L Length and M More flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service crash via a crafted message...

5CVSS6.7AI score0.0348EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.3 views

SUSE CVE-2019-11555

The EAP-pwd implementation in hostapd EAP server before 2.8 and wpasupplicant EAP peer before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference denial ...

4.3CVSS6.8AI score0.03252EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:10 a.m.4 views

SUSE CVE-2019-13377

The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel...

5.9CVSS7AI score0.02187EPSS
Exploits0References8
NCSC
NCSC
added 2022/03/07 12:0 a.m.4 views

Fixed vulnerability in Wi-Fi SAE and EAP-wd implementations

A vulnerability has been fixed in implementations of the Simultaneous Authentication of Equals SAE and Extensible-Authentication-Protocol-EAP EAP-wd that are used in hostapd and wpasupplicant. The vulnerability enables a malicious party with the ability to execute code on the system to gain acces...

9.8CVSS9.1AI score0.02944EPSS
Exploits0
OSV
OSV
added 2022/01/17 2:15 a.m.1 views

UBUNTU-CVE-2022-23304

The implementations of EAP-pwd in hostapd before 2.10 and wpasupplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495...

9.8CVSS7.1AI score0.01903EPSS
Exploits0References4
Check Point Advisories
Check Point Advisories
added 2019/12/19 12:0 a.m.3 views

NETGEAR N300 WNR2000v5 Denial of Service (CVE-2019-5055)

A denial-of-service vulnerability exists in the Host Access Point Daemon on the NETGEAR N300 wireless router. The vulnerability is due invalid sequence SOAP request sent to the service can cause a null pointer dereference. An unauthenticated attacker can send a specially-crafted SOAP request to...

5CVSS2.8AI score0.02014EPSS
Exploits1
NVD
NVD
added 2019/09/11 10:15 p.m.27 views

CVE-2019-5055

An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon hostapd on the NETGEAR N300 WNR2000v5 with Firmware Version V1.0.0.70 wireless router. A SOAP request sent in an invalid sequence to the service can cause a null pointer dereference, resulting in the hostapd...

7.5CVSS7.5AI score0.02014EPSS
Exploits1References1
Prion
Prion
added 2019/09/11 10:15 p.m.23 views

Null pointer dereference

An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon hostapd on the NETGEAR N300 WNR2000v5 with Firmware Version V1.0.0.70 wireless router. A SOAP request sent in an invalid sequence to the service can cause a null pointer dereference, resulting in the hostapd...

5CVSS7.5AI score0.02014EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/04/26 10:29 p.m.2 views

ALPINE-CVE-2019-11555

The EAP-pwd implementation in hostapd EAP server before 2.8 and wpasupplicant EAP peer before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference denial ...

5.9CVSS6.8AI score0.03252EPSS
Exploits0References1
Rows per page
Query Builder