CVE-2021-46873

MEDIUM Year: 2021
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-362
View all →

Vulnerability Description

WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently useless.

Related Vulnerabilities

CVE-2010-5153

MEDIUM
CVSS:5.3(Medium)

Race condition in Avira Premium Security Suite 10.0.0.536 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler ...

CWE-3622010

CVE-2010-5164

MEDIUM
CVSS:5.3(Medium)

Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a ...

CWE-3622010

CVE-2016-1670

MEDIUM
CVSS:5.3(Medium)

Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make...

CWE-3622016

CVE-2016-3106

MEDIUM
CVSS:5.3(Medium)

Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner.

CWE-3622016

CVE-2016-4247

MEDIUM
CVSS:5.3(Medium)

Race condition in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information via...

CWE-3622016

CVE-2017-14748

MEDIUM
CVSS:5.3(Medium)

Race condition in Blizzard Overwatch 1.15.0.2 allows remote authenticated users to cause a denial of service (season bans and SR losses for other users) by leaving a competitive match at a specific ti...

CWE-3622017