CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

746 matches found

Astra Linux – Vulnerability in wpa

Implementations of SAE in hostapd before version 2.10, and wpasupplicant before version 2.10, are vulnerable to side-channel attacks due to cache access patterns. NOTE: This issue exists due to an incomplete fix for CVE-2019-9494...

9.8CVSS8AI score0.0293EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в wpa

There exists a exploitable denial-of-service vulnerability in hostapd 2.6. An attacker could trigger the AP to send IAPP location updates for stations, even before the required authentication process is completed. This could lead to various denial-of-service scenarios, either by causing CAM table...

7.4CVSS6.9AI score0.0092EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в wpa

In Hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker who has successfully bootstrapped public keys with another entity using PKEX in the past will be able to subvert future bootstrapping attempts by passively observing the public keys. By...

6.5CVSS7.2AI score0.00338EPSS

Exploits0References2

Tenable Nessus•added 2026/05/11 12:0 a.m.•4 views

Unity Linux 20.1060e / 20.1070e Security Update: wpa_supplicant (UTSA-2026-017501)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017501 advisory. The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differenc...

5.9CVSS6.9AI score0.02187EPSS

Exploits0References4

Rosalinux•added 2026/03/15 6:8 p.m.•7 views

Advisory ROSA-SA-2026-3209

software: hostapd 2.11 WASP: ROSA-CHROME unaffected versions = hostapd-2.11-2 affected versions hostapd-2.11-2 CVE-ID: CVE-2025-24912 BDU-ID: None CVE-Crit: LOW CVE-DESC.: RADIUS packet handling vulnerability in hostapd: hostapd incorrectly handles specially crafted RADIUS packets. When...

3.7CVSS5.7AI score0.00716EPSS

Exploits0

OSV•added 2026/02/28 12:44 p.m.•8 views

OESA-2026-1438 wpa_supplicant security update

wpasupplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. It is suitable for both desktop/laptop computers and embedded systems. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key...

3.7CVSS5.9AI score0.00716EPSS

Exploits0References2

OSV•added 2025/12/09 4:17 p.m.•1 views

UBUNTU-CVE-2023-53822

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Ignore frags from uninitialized peer in dp. When max virtual ap interfaces are configured in all the bands with ACS and hostapd restart is done every 60s, a crash is observed at random times. In this certain scenari...

5.7AI score0.00198EPSS

Exploits0References6

OSV•added 2025/12/08 1:16 a.m.•3 views

DEBIAN-CVE-2025-40321

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode Currently, whenever there is a need to transmit an Action frame, the brcmfmac driver always uses the P2P vif to send the "actframe" IOVAR to firmware. Th...

5.4AI score0.00168EPSS

Exploits0References1

Cvelist•added 2025/12/08 12:46 a.m.•25 views

CVE-2025-40321 wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode

0.00168EPSS

Exploits0References8

Tenable Nessus•added 2025/11/20 12:0 a.m.•6 views

TencentOS Server 4: hostapd (TSSA-2025:0284)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0284 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

3.7CVSS5.1AI score0.00716EPSS

Exploits0References2