Lucene search
K

35 matches found

osv
osv
added 2024/02/22 5:15 p.m.2 views

DEBIAN-CVE-2023-52161

The Access Point functionality in eapolauthkeyhandle in eapol.c in iNet wireless daemon IWD before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key...

7.5CVSS7.6AI score0.01103EPSS
Exploits0References1
osv
osv
added 2024/02/22 5:15 p.m.6 views

AZL-43933 CVE-2023-52161 affecting package iwd 1.22-2

The Access Point functionality in eapolauthkeyhandle in eapol.c in iNet wireless daemon IWD before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key...

7.5CVSS5.8AI score0.01103EPSS
Exploits0References1
osv
osv
added 2024/02/22 5:15 p.m.4 views

UBUNTU-CVE-2023-52161

The Access Point functionality in eapolauthkeyhandle in eapol.c in iNet wireless daemon IWD before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key...

7.5CVSS5.8AI score0.01103EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2024/02/22 5:15 p.m.35 views

CVE-2023-52161

The Access Point functionality in eapolauthkeyhandle in eapol.c in iNet wireless daemon IWD before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key...

7.5CVSS7.3AI score0.01103EPSS
Exploits0References3
debiancve
debiancve
added 2024/02/22 12:0 a.m.90 views

CVE-2023-52161

The Access Point functionality in eapolauthkeyhandle in eapol.c in iNet wireless daemon IWD before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key...

7.5CVSS7.6AI score0.01103EPSS
Exploits0
alpinelinux
alpinelinux
added 2024/02/22 12:0 a.m.69 views

CVE-2023-52161

The Access Point functionality in eapolauthkeyhandle in eapol.c in iNet wireless daemon IWD before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key...

7.5CVSS7.6AI score0.01103EPSS
Exploits0
susecve
susecve
added 2024/02/17 3:22 a.m.1 views

SUSE CVE-2023-52161

The Access Point functionality in eapolauthkeyhandle in eapol.c in iNet wireless daemon IWD before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key...

7.5CVSS7.1AI score0.01103EPSS
Exploits0References3
osv
osv
added 2023/10/31 12:15 a.m.3 views

DEBIAN-CVE-2023-46129

NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The cryptographic key handling library, nkeys, recently gained support for encryption, not just for signing/authentication. This is used in nats-server...

7.5CVSS7.5AI score0.00374EPSS
Exploits0References1
osv
osv
added 2023/10/31 12:15 a.m.7 views

AZL-31792 CVE-2023-46129 affecting package telegraf for versions less than 1.27.4-1

NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The cryptographic key handling library, nkeys, recently gained support for encryption, not just for signing/authentication. This is used in nats-server...

7.5CVSS7.2AI score0.00374EPSS
Exploits0References1
osv
osv
added 2023/10/31 12:15 a.m.5 views

UBUNTU-CVE-2023-46129

NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The cryptographic key handling library, nkeys, recently gained support for encryption, not just for signing/authentication. This is used in nats-server...

7.5CVSS7.3AI score0.00374EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2023/10/30 12:0 a.m.7 views

PT-2023-29861 · Unknown +1 · Nats Server +1

Name of the Vulnerable Software and Affected Versions: nkeys versions 0.4.0 through 0.4.5 NATS Server versions 2.10.0 through 2.10.3 Description: NATS.io is a high performance open source pub-sub distributed communication technology. The cryptographic key handling library, nkeys, recently gained...

7.5CVSS7.5AI score0.00374EPSS
Exploits0References18
bdu_fstec
bdu_fstec
added 2023/10/11 12:0 a.m.8 views

The vulnerability of the Mbed TLS software lies in errors during encryption processing in DTLS connections, allowing attackers to execute arbitrary code.

The vulnerability of the Mbed TLS software is related to errors in encryption processing in DTLS connections when using zero-key encryption or RC4 encryption. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.00783EPSS
Exploits0References5Affected Software3
thn
thn
added 2023/03/30 12:21 p.m.3 views

New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices

A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS. Successful exploitation of the shortcoming could be abused to hijack TCP...

6.3AI score
Exploits0
cnnvd
cnnvd
added 2022/02/04 12:0 a.m.5 views

Z-Wave 安全特征问题漏洞

Z-Wave is a wireless communication protocol used primarily for home automation. It is a mesh network that uses low power consumption radio waves to communicate from device to device to wirelessly control appliances and other devices in the home, such as controlling lighting, security systems,...

8.3CVSS7.7AI score0.00572EPSS
Exploits1References4
thn
thn
added 2018/05/25 9:16 a.m.5 views

Z-Wave Downgrade Attack Left Over 100 Million IoT Devices Open to Hackers

Researchers have found that even after having an advanced encryption scheme in place, more than 100 million Internet-of-Things IoT devices from thousands of vendors are vulnerable to a downgrade attack that could allow attackers to gain unauthorized access to your devices. The issue resides in th...

6.9AI score
Exploits0
Rows per page
Query Builder