CVE-2026-8369

CVE-2026-8369 describes an issue in the NAT64 translator of The OpenThread Authors’ OpenThread (affected: OpenThread before commit 26a882d, on all platforms) caused by improper input validation. The vulnerability enables an attacker on an adjacent IPv4 network to inject corrupted IPv6 packets int...

Anviz CrossChex Standard 安全漏洞

Anviz CrossChex Standard is a centralized control software developed by Anviz Corporation in the United States, used for access control and attendance data management. Anviz CrossChex Standard has a security vulnerability. This vulnerability stems from the lack of source verification in the...

EUVD-2020-3618

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-24588

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that the A-MSDU flag in the...

Linux Distros Unpatched Vulnerability : CVE-2020-26144

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the fir...

CVE-2020-11264

Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:0394-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0394-1 advisory. - The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP...

Network Packet Injection

kernel-rt is vulnerable to network package injection. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 i.e., LLC/SNAP header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent...

CVE-2020-11264

Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

CVE-2020-11264

CVE-2020-11264 is a Qualcomm WLAN vulnerability: improper authentication of Non-EAPOL/WAPI plaintext frames during the four-way handshake can allow arbitrary network packet injection. Affected products include Snapdragon Auto, Compute, Connectivity, and various Snapdragon lines (Mobile, IoT, Indu...

CVE-2020-11264

Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

SUSE-SU-2021:1913-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in...

Samsung Galaxy S3 Input Validation Error Vulnerability (CNVD-2021-34678)

The Samsung Galaxy S3 is a smartphone from the South Korean company Samsung Samsung. A security vulnerability exists in the Samsung Galaxy S3 i9305 version 4.4.4. An attacker can inject selected network packets...

Samsung Galaxy S3 Input Validation Error Vulnerability

The Samsung Galaxy S3 is a smartphone from the South Korean company Samsung Samsung. A security vulnerability exists in the Samsung Galaxy S3 i9305 version 4.4.4. An attacker can inject arbitrary network packets independent of the network configuration...

CVE-2020-24588

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames which is mandatory as part of 802.11...

CVE-2020-26145

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second or subsequent broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets...

CVE-2020-26145

CVE-2020-26145 affects Samsung Galaxy S3 i9305 (Android device) and relates to Wi‑Fi fragmentation handling where second/bulk fragments sent in plaintext are accepted and processed as full unfragmented frames, enabling arbitrary packet injection regardless of network config. The connected documen...

CVE-2020-24588

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames which is mandatory as part of 802.11...