Suse: >> Linux Enterprise Desktop >> 12 Security Vulnerabilities
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
CVSS Score
6.8
EPSS Score
0.017
Published
2017-10-17
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
CVSS Score
6.8
EPSS Score
0.005
Published
2017-10-17
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
CVSS Score
5.3
EPSS Score
0.005
Published
2017-10-17
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
CVSS Score
5.3
EPSS Score
0.005
Published
2017-10-17
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
CVSS Score
6.8
EPSS Score
0.007
Published
2017-10-17
The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).
CVSS Score
7.5
EPSS Score
0.368
Published
2017-07-21
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVSS Score
7.7
EPSS Score
0.034
Published
2017-04-13
Stack-based buffer overflow in game-music-emu before 0.6.1.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-04-12
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-04-12
game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-04-12