Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2017-10-17	CVE-2017-13084	Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. high complexity debian freebsd canonical opensuse redhat w1-fi suse CWE-330	6.8
2017-10-17	CVE-2017-13082	Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. low complexity debian freebsd canonical opensuse redhat w1-fi suse CWE-330	8.1
2017-10-17	CVE-2017-13081	Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients. high complexity debian freebsd canonical opensuse redhat w1-fi suse CWE-330	5.3
2017-10-17	CVE-2017-13080	Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. high complexity debian freebsd canonical opensuse redhat w1-fi suse CWE-330	5.3
2017-10-17	CVE-2017-13079	Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients. high complexity debian freebsd canonical opensuse redhat w1-fi suse CWE-330	5.3
2017-10-17	CVE-2017-13078	Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. high complexity debian freebsd canonical opensuse redhat w1-fi suse CWE-330	5.3
2017-10-17	CVE-2017-13077	Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. high complexity debian freebsd canonical opensuse redhat w1-fi suse CWE-330	6.8
2017-10-04	CVE-2017-14491	Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. network low complexity thekelleys redhat canonical debian opensuse suse nvidia huawei arista siemens arubanetworks synology CWE-787 critical	9.8
2017-10-03	CVE-2017-14493	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. network low complexity redhat debian canonical opensuse thekelleys CWE-119 critical	9.8
2017-09-28	CVE-2015-3138	Improper Input Validation vulnerability in multiple products print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash). network low complexity tcpdump opensuse-project opensuse CWE-20	7.5