36 matches found
EUVD-2016-5464
Malware in sbrugna...
EUVD-2019-18609
Malware in sbrugna...
EUVD-2016-5463
Malware in sbrugna...
EUVD-2019-7074
Malware in sbrugna...
EUVD-2015-0247
Malware in sbrugna...
EUVD-2021-14544
Malware in sbrugna...
EUVD-2014-3632
Malware in sbrugna...
EUVD-2018-6436
Malware in sbrugna...
NewStart CGSL MAIN 7.02 : wpa_supplicant Vulnerability (NS-SA-2025-0181)
The remote NewStart CGSL host, running version MAIN 7.02, has wpasupplicant packages installed that are affected by a vulnerability: - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the...
TencentOS Server 4: wpa_supplicant (TSSA-2024:1003)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1003 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
NewStart CGSL MAIN 7.02 : wpa_supplicant Vulnerability (NS-SA-2025-0087)
The remote NewStart CGSL host, running version MAIN 7.02, has wpasupplicant packages installed that are affected by a vulnerability: - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the...
CVE-2019-9414
In wpasupplicant, there is a possible man in the middle vulnerability due to improper input validation of the basicConstraints field of intermediary certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...
Azure Linux 3.0 Security Update: wpa_supplicant (CVE-2025-24912)
The version of wpasupplicant installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-24912 advisory. - hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices wi...
CBL Mariner 2.0 Security Update: wpa_supplicant (CVE-2025-24912)
The version of wpasupplicant installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-24912 advisory. - hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices wi...
CVE-2025-24912 affecting package wpa_supplicant for versions less than 2.10-3
CVE-2025-24912 affecting package wpasupplicant for versions less than 2.10-3. A patched version of the package is available...
CBL Mariner 2.0 Security Update: wpa_supplicant (CVE-2023-52160)
The version of wpasupplicant installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-52160 advisory. - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successf...
USN-7317-1: wpa_supplicant and hostapd vulnerabilities
George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that wpasupplicant and hostapd reused encryption elements in the PKEX protocol. An attacker could possibly use this issue to impersonate a wireless access point, and obtain sensitive information. CVE-2022-37660 Daniel De Almeida Braga...
SUSE CVE-2024-5290
An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...
USN-6945-1: wpa_supplicant and hostapd vulnerability
Rory McNamara discovered that wpasupplicant could be made to load arbitrary shared objects by unprivileged users that have access to the control interface. An attacker could use this to escalate privileges to root...
SUSE CVE-2018-14526
An issue was discovered in rsnsupp/wpa.c in wpasupplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive...