CVE-2020-26143
- EPSS 4.17%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 14.04.2026 09:16:24
An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frame...
CVE-2020-26146
- EPSS 5.62%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 02.06.2026 14:16:25
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is ex...
CVE-2021-26934
- EPSS 0.35%
- Veröffentlicht 17.02.2021 02:15:13
- Zuletzt bearbeitet 21.11.2024 05:57:04
An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be a supported configuration, but this wasn't stated accordingly in its support...
CVE-2020-14304
- EPSS 0.36%
- Veröffentlicht 15.09.2020 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:02:57
A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerab...
CVE-2020-15802
- EPSS 7.14%
- Veröffentlicht 11.09.2020 14:15:11
- Zuletzt bearbeitet 21.11.2024 05:06:12
Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, eit...
CVE-2019-20794
- EPSS 0.51%
- Veröffentlicht 09.05.2020 18:15:11
- Zuletzt bearbeitet 21.11.2024 04:39:22
An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace compon...
CVE-2019-15794
- EPSS 1.16%
- Veröffentlicht 24.04.2020 00:15:11
- Zuletzt bearbeitet 21.11.2024 04:29:28
Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is ...
CVE-2019-20426
- EPSS 1.92%
- Veröffentlicht 27.01.2020 05:15:11
- Zuletzt bearbeitet 21.11.2024 04:38:26
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlm_cancel_hpreq_check, there is no lock_count bounds che...
CVE-2019-19814
- EPSS 3.3%
- Veröffentlicht 17.12.2019 06:15:12
- Zuletzt bearbeitet 21.11.2024 04:35:26
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-14899
- EPSS 0.84%
- Veröffentlicht 11.12.2019 15:15:14
- Zuletzt bearbeitet 21.11.2024 04:27:38
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiti...