Gnome

Networkmanager

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2021-20297

  • EPSS 0.1%
  • Veröffentlicht 26.05.2021 21:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:18

A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability.

4.3

CVE-2020-10754

  • EPSS 0.25%
  • Veröffentlicht 08.06.2020 18:15:10
  • Zuletzt bearbeitet 21.11.2024 04:56:00

It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happe...

5.5

CVE-2012-1096

  • EPSS 0.35%
  • Veröffentlicht 10.03.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 01:36:24

NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.

6.8

CVE-2006-7246

Exploit
  • EPSS 0.07%
  • Veröffentlicht 27.01.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 00:24:43

NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.

4.4

CVE-2012-2736

Exploit
  • EPSS 0.08%
  • Veröffentlicht 26.12.2019 20:15:11
  • Zuletzt bearbeitet 21.11.2024 01:39:32

In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network.

7.5

CVE-2018-1000135

  • EPSS 1.12%
  • Veröffentlicht 20.03.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:39:45

GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure (CWE-200) vulnerability in DNS resolver that can result in Private DNS queries leaked to local network's DNS servers, while on VPN. This vulnerability appears to have bee...

5

CVE-2015-0272

  • EPSS 1.08%
  • Veröffentlicht 17.11.2015 15:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.

2.1

CVE-2011-2176

  • EPSS 0.05%
  • Veröffentlicht 02.09.2011 23:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors.

2.1

CVE-2011-1943

  • EPSS 0.04%
  • Veröffentlicht 14.06.2011 17:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by read...

6.8

CVE-2009-4144

  • EPSS 1.28%
  • Veröffentlicht 23.12.2009 20:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

NetworkManager (NM) 0.7.2 does not ensure that the configured Certification Authority (CA) certificate file for a (1) WPA Enterprise or (2) 802.1x network remains present upon a connection attempt, which might allow remote attackers to obtain sensiti...