Lucene search
K

8648 matches found

EUVD
EUVD
added 2026/03/04 6:31 p.m.7 views

EUVD-2026-9416

A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point AP to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key GTK associated with the victim's BSSID...

4.3CVSS5.9AI score0.00182EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/04 6:31 p.m.6 views

EUVD-2026-9415

A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation m...

5.4CVSS5.8AI score0.00259EPSS
Exploits0References2
NVD
NVD
added 2026/03/04 5:16 p.m.11 views

CVE-2026-23811

A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 L2 communication restrictions between clients and redirect traffic at Layer 3 L3. In addition to bypassing policy enforcement, successful exploitation - when combined with a port-stealing attack - may enable...

4.3CVSS0.00155EPSS
Exploits0References1
OSV
OSV
added 2026/03/04 5:16 p.m.10 views

CVE-2026-23811

A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 L2 communication restrictions between clients and redirect traffic at Layer 3 L3. In addition to bypassing policy enforcement, successful exploitation - when combined with a port-stealing attack - may enable...

3.1CVSS5.8AI score0.00155EPSS
Exploits0References1
NVD
NVD
added 2026/03/04 5:16 p.m.14 views

CVE-2026-23809

A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation m...

7.6CVSS0.00259EPSS
Exploits0References1
OSV
OSV
added 2026/03/04 5:16 p.m.6 views

CVE-2026-23809

A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation m...

7.6CVSS5.7AI score0.00259EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/04 4:12 p.m.28 views

CVE-2026-23811 Unauthorized Bi-Directional Traffic Interception via L2/L3 Manipulation

A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 L2 communication restrictions between clients and redirect traffic at Layer 3 L3. In addition to bypassing policy enforcement, successful exploitation - when combined with a port-stealing attack - may enable...

4.3CVSS0.00155EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/04 4:12 p.m.4 views

CVE-2026-23811

A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 L2 communication restrictions between clients and redirect traffic at Layer 3 L3. In addition to bypassing policy enforcement, successful exploitation - when combined with a port-stealing attack - may enable...

4.3CVSS5.9AI score0.00155EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/04 4:12 p.m.3 views

CVE-2026-23811 Unauthorized Bi-Directional Traffic Interception via L2/L3 Manipulation

A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 L2 communication restrictions between clients and redirect traffic at Layer 3 L3. In addition to bypassing policy enforcement, successful exploitation - when combined with a port-stealing attack - may enable...

4.3CVSS5.9AI score0.00155EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/04 4:11 p.m.28 views

CVE-2026-23810 Cross-BSSID GTK Re-encryption and Traffic Injection

A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point AP to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key GTK associated with the victim's BSSID...

4.3CVSS0.00182EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/04 4:10 p.m.3 views

CVE-2026-23809

A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation m...

5.4CVSS5.8AI score0.00259EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.19 views

PT-2026-22945

Name of the Vulnerable Software and Affected Versions affected versions not specified Description A flaw exists in the client isolation mechanism that could allow an attacker to circumvent Layer 2 L2 communication limitations between clients, potentially redirecting traffic at Layer 3 L3...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.7 views

HPE Aruba Networking Wireless Operating System 安全漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from a port-stealing method that can bypass BSSID...

7.6CVSS5.8AI score0.00259EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.12 views

PT-2026-22943

A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation m...

5.4CVSS5.8AI score0.00259EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.12 views

HPE Aruba Networking Wireless Operating System 安全漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from defects in the data packet processing logic, which...

4.3CVSS5.8AI score0.00182EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2026/02/13 1:27 p.m.7 views

How to find and remove credential-stealing Chrome extensions

Researchers have found yet another family of malicious extensions in the Chrome Web Store. This time, 30 different Chrome extensions were found stealing credentials from more than 260,000 users. The extensions rendered a full-screen iframe pointing to a remote domain. This iframe overlaid the...

5.8AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2026/01/22 12:0 a.m.8 views

Watering Hole Attack Targets EmEditor Users with Information-Stealing Malware

TrendAI™ Research provides a technical analysis of a compromised EmEditor installer used to deliver multistage malware that performs a range of malicious actions...

5.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/01 3:52 p.m.10 views

ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

The first ThreatsDay Bulletin of 2026 lands on a day that already feels symbolic — new year, new breaches, new tricks. If the past twelve months taught defenders anything, it's that threat actors don't pause for holidays or resolutions. They just evolve faster. This week's round-up shows how subt...

9.8CVSS7.6AI score0.99988EPSS
Exploits10
CVE
CVE
added 2025/12/17 10:44 p.m.12 views

CVE-2023-53928

PHPFusion 9.10.30 is affected by a stored cross-site scripting vulnerability in the file manager, allowing attackers to upload SVGs with embedded JavaScript. When such SVGs are viewed, they can execute client-side code that may steal session information or perform other user-side actions. The vul...

6.1CVSS6AI score0.00217EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/11/25 12:16 a.m.4 views

MAL-2025-191275 Malicious code in @oku-ui/switch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 740a6698034fbce630b1da1ce44728782b3f71faffd3ee2801c45b6a3f9e6f7e The package @oku-ui/switch was found to contain malicious code. Source: google-open-source-security...

6.8AI score
Exploits0References3
Rows per page
Query Builder