Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
w1.fi wpa supplicant vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2015-8041
Multiple integer overflows in the NDEF record parser in hostapd prior to 2.5 and wpa_supplicant prior to 2.5 allow remote malicious users to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record,...
W1.fi Wpa Supplicant
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
W1.fi Hostapd
383
VMScore
CVE-2015-4141
The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 up to and including 2.4 allows remote malicious users to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or h...
W1.fi Wpa Supplicant 2.3
W1.fi Wpa Supplicant 0.7.1
W1.fi Wpa Supplicant 2.1
W1.fi Wpa Supplicant 2.2
W1.fi Wpa Supplicant 1.0
W1.fi Wpa Supplicant 2.4
W1.fi Wpa Supplicant 0.7.0
W1.fi Wpa Supplicant 0.7.3
W1.fi Wpa Supplicant 1.1
W1.fi Wpa Supplicant 0.7.2
W1.fi Wpa Supplicant 2.0
W1.fi Hostapd 1.1
W1.fi Hostapd 2.4
W1.fi Hostapd 2.0
W1.fi Hostapd 0.7.3
W1.fi Hostapd 1.0
W1.fi Hostapd 0.7.0
W1.fi Hostapd 2.3
W1.fi Hostapd 0.7.2
W1.fi Hostapd 2.2
W1.fi Hostapd 2.1
W1.fi Hostapd 0.7.1
445
VMScore
CVE-2015-4143
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 up to and including 2.4 allows remote malicious users to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload.
W1.fi Wpa Supplicant 2.3
W1.fi Wpa Supplicant 2.1
W1.fi Wpa Supplicant 2.2
W1.fi Wpa Supplicant 1.0
W1.fi Wpa Supplicant 2.4
W1.fi Wpa Supplicant 1.1
W1.fi Wpa Supplicant 2.0
W1.fi Hostapd 1.1
W1.fi Hostapd 2.4
W1.fi Hostapd 2.0
W1.fi Hostapd 1.0
W1.fi Hostapd 2.3
W1.fi Hostapd 2.2
W1.fi Hostapd 2.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
445
VMScore
CVE-2015-4144
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 up to and including 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote malicious users to cause a denial of service (crash) via a crafted message.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
W1.fi Hostapd 1.1
W1.fi Hostapd 2.4
W1.fi Hostapd 2.0
W1.fi Hostapd 1.0
W1.fi Hostapd 2.3
W1.fi Hostapd 2.2
W1.fi Hostapd 2.1
W1.fi Wpa Supplicant 2.3
W1.fi Wpa Supplicant 2.1
W1.fi Wpa Supplicant 2.2
W1.fi Wpa Supplicant 1.0
W1.fi Wpa Supplicant 2.4
W1.fi Wpa Supplicant 1.1
W1.fi Wpa Supplicant 2.0
445
VMScore
CVE-2015-4145
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 up to and including 2.4 does not validate a fragment is already being processed, which allows remote malicious users to cause a denial of service (memory leak) via a crafted message.
W1.fi Hostapd 1.1
W1.fi Hostapd 2.4
W1.fi Hostapd 2.0
W1.fi Hostapd 1.0
W1.fi Hostapd 2.3
W1.fi Hostapd 2.2
W1.fi Hostapd 2.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
W1.fi Wpa Supplicant 2.3
W1.fi Wpa Supplicant 2.1
W1.fi Wpa Supplicant 2.2
W1.fi Wpa Supplicant 1.0
W1.fi Wpa Supplicant 2.4
W1.fi Wpa Supplicant 1.1
W1.fi Wpa Supplicant 2.0
445
VMScore
CVE-2015-4146
The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 up to and including 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote malicious users to cause a denial of service (crash) via a crafted...
W1.fi Wpa Supplicant 2.3
W1.fi Wpa Supplicant 2.1
W1.fi Wpa Supplicant 2.2
W1.fi Wpa Supplicant 1.0
W1.fi Wpa Supplicant 2.4
W1.fi Wpa Supplicant 1.1
W1.fi Wpa Supplicant 2.0
W1.fi Hostapd 1.1
W1.fi Hostapd 2.4
W1.fi Hostapd 2.0
W1.fi Hostapd 1.0
W1.fi Hostapd 2.3
W1.fi Hostapd 2.2
W1.fi Hostapd 2.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3