Shodan
Vulnerabilities
Vulnerable Software
Opensuse:  >> Leap  >> 42.3  Security Vulnerabilities
CVE-2017-13087
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
CVSS Score
5.3
EPSS Score
0.002
Published
2017-10-17
CVE-2017-13088
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
CVSS Score
5.3
EPSS Score
0.002
Published
2017-10-17
CVE-2017-13077
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
CVSS Score
6.8
EPSS Score
0.008
Published
2017-10-17
CVE-2017-14491
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
CVSS Score
9.8
EPSS Score
0.602
Published
2017-10-04
CVE-2017-14493
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
CVSS Score
9.8
EPSS Score
0.056
Published
2017-10-03
CVE-2017-6594
The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.
CVSS Score
7.5
EPSS Score
0.002
Published
2017-08-28
CVE-2017-8834
The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.
CVSS Score
6.5
EPSS Score
0.008
Published
2017-06-12
CVE-2017-8871
The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file.
CVSS Score
6.5
EPSS Score
0.019
Published
2017-06-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved