CVE-2020-26559
- EPSS 0.85%
- Veröffentlicht 24.05.2021 18:15:07
- Zuletzt bearbeitet 04.11.2025 20:15:58
Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce p...
CVE-2020-26560
- EPSS 0.86%
- Veröffentlicht 24.05.2021 18:15:07
- Zuletzt bearbeitet 04.11.2025 20:15:58
Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetK...
CVE-2020-26140
- EPSS 2.92%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 14.04.2026 09:16:22
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent...
CVE-2020-26141
- EPSS 3.07%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 14.04.2026 09:16:23
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt ...
CVE-2020-26142
- EPSS 2.08%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 21.11.2024 05:19:21
An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143
- EPSS 4.17%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 14.04.2026 09:16:24
An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frame...
CVE-2020-26144
- EPSS 4.91%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 14.04.2026 09:16:25
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary c...
CVE-2020-26145
- EPSS 3.52%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 14.04.2026 09:16:25
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary ca...
CVE-2020-26146
- EPSS 5.62%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 02.06.2026 14:16:25
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is ex...
CVE-2020-36310
- EPSS 0.33%
- Veröffentlicht 07.04.2021 00:15:13
- Zuletzt bearbeitet 21.11.2024 05:29:14
An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52.