0.4.0

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-17	CVE-2019-9494	Information Exposure Through Discrepancy vulnerability in multiple products The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. network high complexity w1-fi fedoraproject opensuse synology freebsd CWE-203	5.9
2015-11-09	CVE-2015-8041	Numeric Errors vulnerability in multiple products Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read. network low complexity w1-fi opensuse CWE-189	5.0