CVE-2020-26560
- EPSS 0.86%
- Veröffentlicht 24.05.2021 18:15:07
- Zuletzt bearbeitet 04.11.2025 20:15:58
Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetK...
CVE-2020-26140
- EPSS 2.92%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 14.04.2026 09:16:22
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent...
CVE-2020-26142
- EPSS 2.08%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 21.11.2024 05:19:21
An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143
- EPSS 4.17%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 14.04.2026 09:16:24
An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frame...
CVE-2020-26146
- EPSS 5.62%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 02.06.2026 14:16:25
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is ex...
CVE-2021-26934
- EPSS 0.35%
- Veröffentlicht 17.02.2021 02:15:13
- Zuletzt bearbeitet 21.11.2024 05:57:04
An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be a supported configuration, but this wasn't stated accordingly in its support...
CVE-2020-14304
- EPSS 0.36%
- Veröffentlicht 15.09.2020 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:02:57
A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerab...
CVE-2019-20794
- EPSS 0.51%
- Veröffentlicht 09.05.2020 18:15:11
- Zuletzt bearbeitet 21.11.2024 04:39:22
An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace compon...
CVE-2019-15794
- EPSS 1.16%
- Veröffentlicht 24.04.2020 00:15:11
- Zuletzt bearbeitet 21.11.2024 04:29:28
Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is ...
CVE-2019-20426
- EPSS 1.92%
- Veröffentlicht 27.01.2020 05:15:11
- Zuletzt bearbeitet 21.11.2024 04:38:26
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlm_cancel_hpreq_check, there is no lock_count bounds che...