Lucene search
+L

1822 matches found

Snyk
Snyk
added 2026/06/25 5:22 p.m.4 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the RADIUS authentication process. An attacker can gain unauthorized access by sending a spoofed Access-Accept response to the client, which fails to verify the response authenticator,...

7.7CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/18 4:40 p.m.4 views

SUSE-SU-2026:2459-1 Security update for strongswan

This update for strongswan fixes the following issues - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. - CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...

5.8AI score
Exploits6References17
OSV
OSV
added 2026/06/15 1:55 p.m.2 views

OPENSUSE-SU-2026:20985-1 Security update for hostapd

This update for hostapd fixes the following issues: Changes in hostapd: - bsc1268083 - hostapd segmentation fault during fast restart cycles. - CVE-2025-24912: hostapd fails to process crafted RADIUS packets properly bsc1239461...

3.7CVSS5.8AI score0.00716EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 8:8 p.m.11 views

GHSA-FP5J-4FJ2-4JVQ Radius Controller May Delete a Container Resource via an Injected Deployment Annotation (Multi-Tenant Installs)

Radius Controller May Delete a Container Resource via an Injected Deployment Annotation Multi-Tenant Installs Summary A configuration-validation issue in the Radius Kubernetes controller can cause it to issue a DELETE for the container resource referenced by a tampered radapp.io/status annotation...

7.7CVSS5.7AI score0.00051EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/12 8:8 p.m.16 views

Radius Controller May Delete a Container Resource via an Injected Deployment Annotation (Multi-Tenant Installs)

Radius Controller May Delete a Container Resource via an Injected Deployment Annotation Multi-Tenant Installs Summary A configuration-validation issue in the Radius Kubernetes controller can cause it to issue a DELETE for the container resource referenced by a tampered radapp.io/status annotation...

5.7AI score0.00051EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.22 views

PT-2026-49062

Name of the Vulnerable Software and Affected Versions Radius versions 0.57.1 and earlier Description A configuration-validation issue in the Radius Kubernetes controller allows for a Confused Deputy attack. The controller deserializes JSON data from the radapp.io/status annotation on Kubernetes...

7.7CVSS5.9AI score0.00051EPSS
Exploits0References5
Circl
Circl
added 2026/06/11 11:10 p.m.13 views

CVE-2026-53999

creationtimestamp| type| source ---|---|--- 2026-06-11 23:10:49+00:00| published-proof-of-concept| https://github.com/radius-project/radius/security/advisories/GHSA-fp5j-4fj2-4jvq...

4.9AI score0.00051EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/06/11 12:22 p.m.7 views

Security update for strongswan

This update for strongswan fixes the following issues CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attribut...

9.2CVSS5.4AI score
Exploits6References32
OSV
OSV
added 2026/06/11 12:21 p.m.7 views

SUSE-SU-2026:2368-1 Security update for strongswan

This update for strongswan fixes the following issues - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. - CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...

5.4AI score
Exploits6References17
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.9 views

Debian dsa-6330 : charon-cmd - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6330 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6330-1 [email protected] https://www.debian.org/security/...

5.5AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.11 views

PT-2026-48474

Affected: @hulumi/policies 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-697 Incorrect Comparison Summary AWS IAM trust policies can list more than one federated identity provider — for example, a role that accepts BOTH GitHub Actions OIDC and Google's OIDC. The G OIDC 1 and G OIDC 2 policy rule...

8.3CVSS5.5AI score0.0004EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.11 views

CVE-2026-21742

A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1,...

6.5CVSS5.4AI score0.00148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.12 views

CVE-2026-20193

A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an authenticated, remote attacker with read-only Administrator privileges to gain unauthorized access to sensitive information on an affected device. This vulnerability is due to improper role-based access control RBAC...

4.3CVSS5.5AI score0.00221EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/04 4:1 p.m.18 views

CVE-2026-36616

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key, and default PSK embedded in the production firmware binary...

5.9CVSS5.8AI score0.00137EPSS
Exploits0References1
NVD
NVD
added 2026/06/03 6:16 p.m.19 views

CVE-2026-36616

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key, and default PSK embedded in the production firmware binary...

5.9CVSS0.00137EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 12:0 a.m.19 views

EUVD-2026-34154

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key, and default PSK embedded in the production firmware binary...

5.8AI score0.00137EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-36616

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key, and default PSK embedded in the production firmware binary...

5.8AI score0.00137EPSS
Exploits0References2
CVE
CVE
added 2026/06/03 12:0 a.m.25 views

CVE-2026-36616

CVE-2026-36616 affects the Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909. The issue is the presence of hardcoded WiFi driver credentials embedded in the production firmware binary: a RADIUS shared secret, a WPS test key, and a default PSK. The vulnerability arises from these sensitive ...

5.9CVSS5.8AI score0.00137EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.21 views

PT-2026-46003

Mercusys AC12G EU V1 with firmware AC12GEU V1 200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key, and default PSK embedded in the production firmware binary...

5.8AI score0.00137EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/03 12:0 a.m.42 views

CVE-2026-36616

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key, and default PSK embedded in the production firmware binary...

0.00137EPSS
Exploits0References1
Rows per page
Query Builder