|
51
|
6.5
-
|
MEDIUM
Network
|
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during P…
|
CWE-287
Improper Authentication
|
CVE-2023-52160
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:39
2024-02-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
52
|
7.5
-
|
HIGH
Network
|
mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In affected versions mi…
|
NVD-CWE-noinfo
|
CVE-2024-24814
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:59
2024-02-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
53
|
5.5
-
|
MEDIUM
Local
|
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does …
|
CWE-787
Out-of-bounds Write
|
CVE-2024-1151
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:49
2024-02-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
54
|
9.8
-
|
CRITICAL
Network
|
In Rhonabwy through 1.1.13, HMAC signature verification uses a strcmp function that is vulnerable to side-channel attacks, because it stops the comparison when the first difference is spotted in the …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-25714
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 18:01
2024-02-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
55
|
7.5
-
|
HIGH
Network
|
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to …
|
-
|
CVE-2023-6536
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:44
2024-02-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
56
|
7.5
-
|
HIGH
Network
|
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to …
|
-
|
CVE-2023-6356
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:43
2024-02-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
57
|
5.3
-
|
MEDIUM
Adjacent
|
A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to…
|
CWE-362
Race Condition
|
CVE-2024-24858
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2025-02-14 03:17
2024-02-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
58
|
6.8
-
|
MEDIUM
Adjacent
|
A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth conn…
|
CWE-362 CWE-190
Race Condition Integer Overflow or Wraparound
|
CVE-2024-24857
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2025-02-14 03:17
2024-02-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
59
|
7.8
-
|
HIGH
Local
|
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
The nft_verdict_init() function allows positive values as …
|
CWE-416
Use After Free
|
CVE-2024-1086
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:49
2024-01-31
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
60
|
7.5
-
|
HIGH
Network
|
Transmit requests in Xen's virtual network protocol can consist of
multiple parts. While not really useful, except for the initial part
any of them may be of zero length, i.e. carry no data at all. …
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-46838
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:29
2024-01-29
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|