Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.32 views

NewStart CGSL MAIN 6.02 : gupnp Multiple Vulnerabilities (NS-SA-2022-0060)

The remote NewStart CGSL host, running version MAIN 6.02, has gupnp packages installed that are affected by multiple vulnerabilities: - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different...

8.1CVSS6.8AI score0.15193EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.42 views

NewStart CGSL MAIN 6.02 : gssdp Vulnerability (NS-SA-2022-0065)

The remote NewStart CGSL host, running version MAIN 6.02, has gssdp packages installed that are affected by a vulnerability: - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network...

7.8CVSS6.7AI score0.15193EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.24 views

AlmaLinux 8 : gssdp and gupnp (ALSA-2021:1789)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1789 advisory. - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different...

7.8CVSS6.7AI score0.15193EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2021/12/29 12:0 a.m.39 views

Slackware Linux 14.0 / 14.1 / 14.2 / current wpa_supplicant Multiple Vulnerabilities (SSA:2021-362-01)

The version of wpasupplicant installed on the remote host is prior to 2.9. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2021-362-01 advisory. - hostapd before 2.10 and wpasupplicant before 2.10 allow an incorrect indication of disconnection in certain situations...

7.9CVSS7.9AI score0.15193EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2021/01/20 12:0 a.m.22 views

EulerOS 2.0 SP3 : wpa_supplicant (EulerOS-SA-2021-1131)

According to the version of the wpasupplicant package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a deliver...

7.8CVSS6.8AI score0.15193EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2020/11/05 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for wpa_supplicant (EulerOS-SA-2020-2477)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.15193EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2020/08/10 12:0 a.m.32 views

Debian DLA-2318-1 : wpa security update

The following CVEs have been reported against src:wpa. CVE-2019-10064 hostapd before 2.6, in EAP mode, makes calls to the rand and random standard library functions without any preceding srand or srandom call, which results in inappropriate use of deterministic values. This was fixed in conjuncti...

7.8CVSS6.7AI score0.15193EPSS
Exploits4References5
Mageia
Mageia
added 2020/07/31 11:25 p.m.44 views

Updated gssdp/gupnp packages fix security vulnerability

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. CVE-2020-12695...

7.8CVSS1.9AI score0.15193EPSS
Exploits3References2
OSV
OSV
added 2020/06/08 5:15 p.m.33 views

CVE-2020-12695

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue...

7.5CVSS6.9AI score0.15193EPSS
Exploits3References17
UbuntuCve
UbuntuCve
added 2020/06/08 5:15 p.m.35 views

CVE-2020-12695

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue...

7.8CVSS6.9AI score0.15193EPSS
Exploits3References8
Rows per page
Query Builder