Lucene search
K
GnomeNetworkmanager

12 matches found

CVE
CVE
added 2021/05/26 8:46 p.m.222 views

CVE-2021-20297

Summary: CVE-2021-20297 affects NetworkManager prior to 1.30.0, where configuring a profile with match.path and activating it can crash the daemon, with impact on availability. Affected : NetworkManager (versions before 1.30.0). Root cause : match.path handling in profile activation leads to a cr...

5.5CVSS5.4AI score0.00254EPSS
CVE
CVE
added 2015/11/17 3:0 p.m.173 views

CVE-2015-0272

CVE-2015-0272 affects GNOME NetworkManager and allows remote denial of service via a crafted MTU value in IPv6 Router Advertisement messages. Public advisories (IBM PowerKVM bulletin and CentOS/Ubuntu/Debian disclosures) show patches and updated NetworkManager packages to fix the issue; remediati...

5CVSS5.9AI score0.05059EPSS
CVE
CVE
added 2018/03/20 1:0 p.m.156 views

CVE-2018-1000135

CVE-2018-1000135 affects GNOME NetworkManager 1.10.2 and earlier, with an information-exposure flaw in the DNS resolver that can leak private DNS queries to local network DNS servers, including over VPN. The initial report notes an upstream fix did not appear to be publicly available and that Ubu...

7.5CVSS7.3AI score0.02135EPSS
CVE
CVE
added 2020/06/08 5:16 p.m.144 views

CVE-2020-10754

CVE-2020-10754 affects NetworkManager via nmcli, where 802-1x.ca-path and 802-1x.phase2-ca-path are not honoured when creating a new profile. This can allow a user to connect to a network without proper authentication, resulting in an insecure connection. Public references in connected documents ...

4.3CVSS4.8AI score0.00983EPSS
CVE
CVE
added 2019/12/26 7:53 p.m.127 views

CVE-2012-2736

CVE-2012-2736 affects NetworkManager 0.9.2.0. When a new wireless network is created with WPA/WPA2 security in AdHoc mode, the process can create an open/insecure network rather than a secure one. This has been observed in multiple feeds (NVD, OSV, SUSE, Debian trackers, etc.). The CVSS metrics i...

4.4CVSS4.5AI score0.00428EPSS
CVE
CVE
added 2011/09/02 11:0 p.m.87 views

CVE-2011-2176

CVE-2011-2176 affects GNOME NetworkManager prior to 0.8.6 where PolicyKit auth_admin is not properly enforced, allowing local users to bypass wireless network sharing restrictions. The MiracleLinux Nessus notes CVE-2011-2176 as a remediation item in NetworkManager 0.8.x, and other advisories cite...

2.1CVSS6AI score0.00324EPSS
CVE
CVE
added 2020/01/27 2:56 p.m.77 views

CVE-2006-7246

CVE-2006-7246 affects NetworkManager 0.9.x, where the code path used for 802.11X authentication does not pin a certificate’s subject to the ESSID. The root cause is a failure to bind the server certificate to the specific wireless network, potentially allowing credential exposure or man-in-the-mi...

6.8CVSS6.4AI score0.00884EPSS
CVE
CVE
added 2009/12/23 8:0 p.m.77 views

CVE-2009-4145

CVE-2009-4145 affects NetworkManager (NM) 0.7.x via the nm-connection-editor D-Bus interface. The vulnerability arises because NM exports connection objects over D-Bus when actions are performed in the connection editor GUI, allowing a local user to read D-Bus signals and disclose sensitive infor...

2.1CVSS5.6AI score0.00383EPSS
CVE
CVE
added 2009/12/23 8:0 p.m.68 views

CVE-2009-4144

CVE-2009-4144 affects NetworkManager 0.7.x (e.g., NM 0.7.2). The CA certificate file for WPA Enterprise/802.1x could be missing at connection time, allowing a remote attacker to spoof a wireless network and potentially obtain sensitive information or cause connectivity disruption. Multiple adviso...

6.8CVSS6.2AI score0.01897EPSS
CVE
CVE
added 2020/03/10 4:36 p.m.61 views

CVE-2012-1096

CVE-2012-1096 affects NetworkManager 0.9 and earlier. The flaw allows local users to access other users’ certificates or private keys when establishing a connection via a file path during addition of a new connection. This is a local-attack exposure with a confidentiality impact reported as high ...

5.5CVSS5.4AI score0.0071EPSS
CVE
CVE
added 2011/06/14 5:0 p.m.55 views

CVE-2011-1943

CVE-2011-1943 affects NetworkManager 0.8.999-3.git20110526 in Fedora 15, where the destroy_one_secret function in nm-setting-vpn.c (libnm-util) logs a certificate password. The log entry can be read by local users, allowing disclosure of sensitive information. Impact is limited to confidentiality...

2.1CVSS5.5AI score0.00215EPSS
CVE
CVE
added 2005/08/01 4:0 a.m.45 views

CVE-2005-2410

The CVE-2005-2410 entry concerns NetworkManager’s nm_info_handler, where a format string vulnerability arises from improper handling of a Wireless Access Point identifier in a syslog call. The impact described in the sources is remote code execution via crafted input, with attack vector over the ...

7.5CVSS7.6AI score0.03514EPSS