CVE-2016-4476
- EPSS 2.86%
- Veröffentlicht 09.05.2016 10:59:41
- Zuletzt bearbeitet 06.05.2026 22:30:45
hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.
- EPSS 3.41%
- Veröffentlicht 09.11.2015 16:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) ...
- EPSS 3.48%
- Veröffentlicht 15.06.2015 15:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service (crash) v...
- EPSS 3.4%
- Veröffentlicht 15.06.2015 15:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of service (memory leak) via a crafted message.
- EPSS 3.4%
- Veröffentlicht 15.06.2015 15:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a craft...
- EPSS 3.5%
- Veröffentlicht 15.06.2015 15:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload.
CVE-2015-4142
- EPSS 4.2%
- Veröffentlicht 15.06.2015 15:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which ...
CVE-2015-4141
- EPSS 2.99%
- Veröffentlicht 15.06.2015 15:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-boun...
CVE-2014-3686
- EPSS 4.95%
- Veröffentlicht 16.10.2014 00:55:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.
CVE-2012-4445
- EPSS 4.22%
- Veröffentlicht 10.10.2012 18:55:04
- Zuletzt bearbeitet 16.06.2026 23:45:06
Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS M...