Lucene search
K

157 matches found

Code423n4
Code423n4
added 2021/12/01 12:0 a.m.10 views

RewardReinvestor.provideReinvest and splitReinvest are vulnerable to sandwich attacks as market price isn't checked

Handle hyh Vulnerability details Impact Liquidity provision can happen at a manipulated price which leads to immediate loss for liquidity provider i.e. IL happens right after liquidity provision in this case. This yields direct loss for an LP account owner, for example schematically: 0. Suppose...

6.7AI score
Exploits0
OSV
OSV
added 2021/10/20 11:16 a.m.5 views

CVE-2021-2461

Vulnerability in the Oracle Communications Interactive Session Recorder product of Oracle Communications component: Provision API. The supported version that is affected is 6.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

8.3CVSS7.3AI score0.01026EPSS
Exploits1References1
Code423n4
Code423n4
added 2021/09/15 12:0 a.m.14 views

PostAuctionLauncher's liquidity provision can be exploited

Handle cmichel Vulnerability details The PostAuctionLauncher.finalize function takes the raised payment token amounts and uses previously provided auction token amounts to provide liquidity to a Sushiswap pool after an auction has successfully been finalized. It provides this liquidity at a...

6.7AI score
Exploits0
OSV
OSV
added 2021/06/01 12:0 a.m.35 views

ASB-A-181660448

In p2pprocessprovdiscreq of p2ppd.c, there is a possible out of bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS9.2AI score0.01556EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/05/19 12:0 a.m.8 views

Huawei EulerOS: Security Advisory for wpa_supplicant (EulerOS-SA-2021-1917)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.01228EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/04/23 12:0 a.m.41 views

Debian DSA-4898-1 : wpa - security update

Several vulnerabilities have been discovered in wpasupplicant and hostapd. - CVE-2020-12695 It was discovered that hostapd does not properly handle UPnP subscribe messages under certain conditions, allowing an attacker to cause a denial of service. - CVE-2021-0326 It was discovered that...

7.9CVSS7.1AI score0.15193EPSS
Exploits4References11
OpenVAS
OpenVAS
added 2021/04/16 12:0 a.m.13 views

openSUSE: Security Advisory for wpa_supplicant (openSUSE-SU-2021:0404-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.9AI score0.01228EPSS
Exploits0References2
OSV
OSV
added 2021/04/07 11:2 a.m.3 views

OESA-2021-1133 wpa_supplicant security update

wpasupplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. It is suitable for both desktop/laptop computers and embedded systems. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key...

7.5CVSS7.3AI score0.01228EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/18 12:0 a.m.64 views

CentOS 7 : wpa_supplicant (RHSA-2021:0808)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:0808 advisory. - A vulnerability was discovered in how p2p/p2ppd.c in wpasupplicant before 2.10 processes P2P Wi-Fi Direct provision discovery requests. It could result in...

7.5CVSS7.9AI score0.01228EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/03/15 11:45 a.m.2 views

wpa_supplicant: Use-after-free in P2P provision discovery processing

A flaw was found in the wpasupplicant, in the way it processes P2P Wi-Fi Direct provision discovery requests. This flaw allows an attacker who is within radio range of the device running P2P discovery to cause termination of the wpasupplicant process or potentially cause code execution. The highe...

7.5CVSS7.3AI score0.01228EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/03/15 10:43 a.m.7 views

wpa_supplicant: Use-after-free in P2P provision discovery processing

A flaw was found in the wpasupplicant, in the way it processes P2P Wi-Fi Direct provision discovery requests. This flaw allows an attacker who is within radio range of the device running P2P discovery to cause termination of the wpasupplicant process or potentially cause code execution. The highe...

7.5CVSS7.3AI score0.01228EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/03/15 10:43 a.m.100 views

Important: Red Hat Security Advisory: wpa_supplicant security update

An update for wpasupplicant is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

7.5CVSS7.1AI score0.01228EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2021/03/14 12:0 a.m.30 views

Security update for wpa_supplicant (important)

openSUSE Security Update: Security update for wpasupplicant Announcement ID: openSUSE-SU-2021:0404-1 Rating: important References: 1182805 Cross-References: CVE-2021-27803 CVSS scores: CVE-2021-27803 NVD : 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-27803 SUSE: 7.5...

7.5CVSS7AI score0.01228EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/03/11 7:43 a.m.7 views

wpa_supplicant: Use-after-free in P2P provision discovery processing

A flaw was found in the wpasupplicant, in the way it processes P2P Wi-Fi Direct provision discovery requests. This flaw allows an attacker who is within radio range of the device running P2P discovery to cause termination of the wpasupplicant process or potentially cause code execution. The highe...

7.5CVSS7.3AI score0.01228EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/03/11 12:0 a.m.26 views

RHEL 8 : wpa_supplicant (RHSA-2021:0809)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:0809 advisory. The wpasupplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 IEEE 802.11i / RSN, and various EAP authentication methods...

7.5CVSS7.6AI score0.01228EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.26 views

SUSE SLES12 Security Update : wpa_supplicant (SUSE-SU-2021:0720-1)

This update for wpasupplicant fixes the following issues : CVE-2021-27803: Fixed a P2P provision discovery processing vulnerability bsc1182805. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

7.5CVSS7.4AI score0.01228EPSS
Exploits0References4
OSV
OSV
added 2021/03/09 3:19 p.m.8 views

SUSE-SU-2021:0745-1 Security update for wpa_supplicant

This update for wpasupplicant fixes the following issues: - CVE-2021-27803: P2P provision discovery processing vulnerability bsc1182805...

7.5CVSS7.5AI score0.01228EPSS
Exploits0References3
OSV
OSV
added 2021/03/08 3:42 p.m.6 views

SUSE-SU-2021:0721-1 Security update for wpa_supplicant

This update for wpasupplicant fixes the following issues: - CVE-2021-27803: Fixed a P2P provision discovery processing vulnerability bsc1182805...

7.5CVSS7.4AI score0.01228EPSS
Exploits0References3
OSV
OSV
added 2021/03/08 2:2 p.m.2 views

SUSE-SU-2021:0720-1 Security update for wpa_supplicant

This update for wpasupplicant fixes the following issues: - CVE-2021-27803: Fixed a P2P provision discovery processing vulnerability bsc1182805...

7.5CVSS7.4AI score0.01228EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2021/03/06 8:0 a.m.3 views

A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code) for an attacker within radio range.

...

7.5CVSS7AI score0.01228EPSS
Exploits0
Rows per page
Query Builder