CVE-2017-13086
- EPSS 2.05%
- Veröffentlicht 17.10.2017 13:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
CVE-2017-13087
- EPSS 1.74%
- Veröffentlicht 17.10.2017 13:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames f...
CVE-2017-13088
- EPSS 1.81%
- Veröffentlicht 17.10.2017 13:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to repl...
CVE-2017-13077
- EPSS 2.39%
- Veröffentlicht 17.10.2017 02:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
CVE-2015-7504
- EPSS 0.64%
- Veröffentlicht 16.10.2017 20:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode.
CVE-2016-8734
- EPSS 6.38%
- Veröffentlicht 16.10.2017 13:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an ...
CVE-2017-15370
- EPSS 1.72%
- Veröffentlicht 16.10.2017 04:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
CVE-2017-15371
- EPSS 1.63%
- Veröffentlicht 16.10.2017 04:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
CVE-2017-15372
- EPSS 1.65%
- Veröffentlicht 16.10.2017 04:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
CVE-2017-12629
- EPSS 91.9%
- Veröffentlicht 14.10.2017 23:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is N...