Lucene search
K

580 matches found

EUVD
EUVD
added 2026/01/29 9:42 p.m.6 views

EUVD-2026-4944

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

6.9CVSS6.3AI score0.00517EPSS
Exploits1References1
OSV
OSV
added 2026/01/29 9:42 p.m.3 views

CVE-2026-25061 tcpflow has TIM Element OOB Write in wifipcap

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

6.9CVSS6.3AI score0.00517EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/01/29 9:42 p.m.6 views

CVE-2026-25061

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

7.5CVSS6AI score0.00517EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/01/29 9:42 p.m.2 views

CVE-2026-25061

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

7.5CVSS6.2AI score0.00517EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/01/29 12:0 a.m.6 views

PT-2026-5363

Name of the Vulnerable Software and Affected Versions tcpflow versions up to and including 1.61 Description tcpflow is a TCP/IP packet demultiplexer. The software parses 802.11 management frame elements and performs a length check on an incorrect field when handling the TIM Timing Advertisement...

6.9CVSS6.2AI score0.00517EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/01/29 12:0 a.m.8 views

TCPFLOW buffer error vulnerability

TCPFLOW is a TCP/IP packet demuxer developed by Simson L. Garfinkel. Versions of TCPFLOW 1.61 and earlier contained a buffer error vulnerability. This vulnerability stemmed from the use of wifipcap to perform length checks on error fields when processing TIM elements, which could lead to...

7.5CVSS6AI score0.00517EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.14 views

CVE-2025-67278

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via a crafted HTTP request...

6.5CVSS7.3AI score0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.12 views

CVE-2025-67281

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple SQL injection vulnerabilities exists which allow a low privileged and administrative user to access the database and its content...

5.4CVSS8AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.15 views

CVE-2025-67282

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Authorization Bypass vulnerabilities exists which allow a low privileged user to download password hashes of other user, access work items of other user, modify restricted content in workflows, modify the applications logo and manipulate the profi...

5.4CVSS7AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.14 views

CVE-2025-67279

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format...

5.3CVSS7.5AI score0.00311EPSS
Exploits0References1
OSV
OSV
added 2026/01/09 4:16 p.m.6 views

CVE-2025-67281

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple SQL injection vulnerabilities exists which allow a low privileged and administrative user to access the database and its content...

5.4CVSS5.8AI score0.00192EPSS
Exploits0References2
OSV
OSV
added 2026/01/09 4:16 p.m.5 views

CVE-2025-67278

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via a crafted HTTP request...

6.5CVSS5.9AI score0.00276EPSS
Exploits0References2
NVD
NVD
added 2026/01/09 4:16 p.m.9 views

CVE-2025-67279

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format...

5.3CVSS0.00311EPSS
Exploits0References2
NVD
NVD
added 2026/01/09 4:16 p.m.11 views

CVE-2025-67280

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Hibernate Query Language injection vulnerabilities exist which allow a low privileged user to extract passwords of other users and access sensitive data of another user...

5.4CVSS0.00195EPSS
Exploits0References2
NVD
NVD
added 2026/01/09 4:16 p.m.8 views

CVE-2025-67282

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Authorization Bypass vulnerabilities exists which allow a low privileged user to download password hashes of other user, access work items of other user, modify restricted content in workflows, modify the applications logo and manipulate the profi...

5.4CVSS0.00195EPSS
Exploits0References2
NVD
NVD
added 2026/01/09 4:16 p.m.5 views

CVE-2025-67278

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via a crafted HTTP request...

6.5CVSS0.00276EPSS
Exploits0References2
NVD
NVD
added 2026/01/09 4:16 p.m.5 views

CVE-2025-67281

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple SQL injection vulnerabilities exists which allow a low privileged and administrative user to access the database and its content...

5.4CVSS0.00192EPSS
Exploits0References2
OSV
OSV
added 2026/01/09 4:16 p.m.6 views

CVE-2025-67280

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Hibernate Query Language injection vulnerabilities exist which allow a low privileged user to extract passwords of other users and access sensitive data of another user...

5.4CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/01/09 4:16 p.m.5 views

CVE-2025-67279

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format...

5.3CVSS5.9AI score0.00311EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.6 views

CVE-2020-24160

Shenzhen Tencent TIM Windows client 3.0.0.21315 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code...

7.8CVSS7.2AI score0.00476EPSS
Exploits0References1
Rows per page
Query Builder