pkg:Debian/wpa

共 70 筆 CVECRITICAL3HIGH21MEDIUM31LOW2

✅ 檢查你的版本

所有已知漏洞

CRITICAL9.8CVE-2022-23304The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of…
from 0, < 2:2.9.0-21+deb11u3
CRITICAL9.8CVE-2022-23303wpa - security update
from 0, < 2:2.9.0-21+deb11u3
CRITICAL9.8CVE-2022-23303wpa - security update
from 0, < 2:2.9.0-21+deb11u3
HIGH8.1CVE-2019-9499The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elem…
from 0, < 2:2.7+git20190128+0c1e29f-4
HIGH8.1CVE-2019-9498The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements,…
from 0, < 2:2.7+git20190128+0c1e29f-4
HIGH8.1CVE-2019-9497The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-C…
from 0, < 2:2.7+git20190128+0c1e29f-4
HIGH8.1CVE-2017-13082Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK…
from 0, < 2:2.4-1.1
HIGH7.8CVE-2024-5290wpa - security update
from 0, < 2:2.9.0-21+deb11u2
HIGH7.8CVE-2024-5290wpa - security update
from 0, < 2:2.9.0-21+deb11u2
HIGH7.8CVE-2016-4477wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitra…
from 0, < 2.3-2.4
HIGH7.5CVE-2021-27803wpa - security update
from 0, < 2:2.4-1+deb9u9
HIGH7.5CVE-2021-27803wpa - security update
from 0, < 2:2.9.0-21
HIGH7.5CVE-2021-0326wpa - security update
from 0, < 2:2.9.0-17
HIGH7.5CVE-2021-0326wpa - security update
from 0, < 2:2.4-1+deb9u8
HIGH7.5CVE-2020-12695wpa - security update
from 0, < 2:2.7+git20190128+0c1e29f-6+deb10u3
HIGH7.5CVE-2020-12695wpa - security update
from 0, < 2:2.9.0-16
HIGH7.5CVE-2019-10064wpa - security update
from 0, < 2:2.4-1+deb9u7
HIGH7.5CVE-2019-10064wpa - security update
from 0, < 2:2.6-7
HIGH7.5CVE-2019-10064wpa - security update
from 0, < 2.3-1+deb8u10
HIGH7.5CVE-2019-9496An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing th…
from 0, < 2:2.7+git20190128+0c1e29f-4
HIGH7.5CVE-2016-10743wpa - security update
from 0, < 2:2.6-7
HIGH7.5CVE-2016-10743wpa - security update
from 0, < 2.3-1+deb8u7
HIGH7.5CVE-2016-4476wpa - security update
from 0, < 1.0-3+deb7u4
HIGH7.5CVE-2016-4476wpa - security update
from 0, < 2.3-2.4
MEDIUM6.8CVE-2017-13086Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handsha…
from 0, < 2:2.4-1.1
MEDIUM6.8CVE-2017-13084Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey ha…
from 0
MEDIUM6.8CVE-2017-13077wpa - security update
from 0, < 2:2.4-1.1
MEDIUM6.8CVE-2017-13077wpa - security update
from 0, < 1.0-3+deb7u5
MEDIUM6.8CVE-2017-13077wpa - security update
from 0, < 2.3-1+deb8u5
MEDIUM6.5CVE-2022-37660In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association.
from 0, < 2:2.9.0-21+deb11u3
MEDIUM6.5CVE-2023-52160wpa - security update
from 0, < 2:2.9.0-21+deb11u1
MEDIUM6.5CVE-2023-52160wpa - security update
from 0, < 2:2.7+git20190128+0c1e29f-6+deb10u4
MEDIUM6.5CVE-2019-5062An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 8…
from 0
MEDIUM6.5CVE-2019-5061An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates…
from 0, < 2:2.9+git20200213+877d9a0-1
MEDIUM6.5CVE-2019-16275wpa - security update
from 0, < 2.3-1+deb8u9
MEDIUM6.5CVE-2019-16275wpa - security update
from 0, < 2:2.9-2
MEDIUM6.5CVE-2018-14526wpa - security update
from 0, < 2.3-1+deb8u6
MEDIUM6.5CVE-2018-14526wpa - security update
from 0, < 2:2.6-18
MEDIUM5.9CVE-2019-13377wpa - security update
from 0, < 2:2.9-1
MEDIUM5.9CVE-2019-13377wpa - security update
from 0, < 2:2.7+git20190128+0c1e29f-6+deb10u1
MEDIUM5.9CVE-2019-11555wpa - security update
from 0, < 2:2.7+git20190128+0c1e29f-5
MEDIUM5.9CVE-2019-11555wpa - security update
from 0, < 2.3-1+deb8u8
MEDIUM5.9CVE-2019-11555wpa - security update
from 0, < 2:2.4-1+deb9u4
MEDIUM5.9CVE-2019-9494The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing difference…
from 0, < 2:2.7+git20190128+0c1e29f-4
MEDIUM5.9CVE-2015-5316The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6, when EAP-pwd is enabled in a network…
from 0, < 2.3-2.3
MEDIUM5.9CVE-2015-5315The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6 does not validate that the reassembly buffer is large e…
from 0, < 2.3-2.3
MEDIUM5.9CVE-2015-5314The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large…
from 0, < 2.3-2.3
MEDIUM5.3CVE-2021-30004In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x…
from 0
MEDIUM5.3CVE-2017-13088Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing…
from 0, < 2:2.4-1.1
MEDIUM5.3CVE-2017-13087Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless…
from 0, < 2:2.4-1.1
MEDIUM5.3CVE-2017-13081Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during th…
from 0, < 2:2.4-1.1
MEDIUM5.3CVE-2017-13080Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an att…
from 0, < 2:2.4-1.1
MEDIUM5.3CVE-2017-13079Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during th…
from 0, < 2:2.4-1.1
MEDIUM5.3CVE-2017-13078Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an atta…
from 0, < 2:2.4-1.1
MEDIUM4.3CVE-2015-5310The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protect…
from 0, < 2.3-2.3
LOW3.7CVE-2019-9495wpa - security update
from 0, < 2:2.4-1+deb9u3
LOW3.7CVE-2019-9495wpa - security update
from 0, < 2:2.7+git20190128+0c1e29f-4
—CVE-2015-8041Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a…
from 0, < 2.3-2.2
—CVE-2015-4146The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before deter…
from 0, < 2.3-2.2
—CVE-2015-4145The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being proc…
from 0, < 2.3-2.2
—CVE-2015-4144The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to…
from 0, < 2.3-2.2
—CVE-2015-4143The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of servi…
from 0, < 2.3-2.2
—CVE-2015-4142hostapd - security update
from 0, < 2.3-2.2
—CVE-2015-4141wpa - security update
from 0, < 2.3-2.2
—CVE-2015-4141wpa - security update
from 0, < 1.0-3+deb7u3
—CVE-2015-1863wpa - security update
from 0, < 2.3-2
—CVE-2015-1863wpa - security update
from 0, < 1.0-3+deb7u2
—CVE-2014-3686wpa - security update
from 0, < 1.0-3+deb7u1
—CVE-2014-3686wpa - security update
from 0, < 2.3-1
—CVE-2012-4445hostapd - denial of service
from 0, < 1.0-3