Page 3 of 25 results (0.004 seconds)

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1

A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability. Existe una vulnerabilidad de corrupción de memoria en la funcionalidad de límite de formulario HTTP Server de Weston Embedded uC-HTTP v3.01.01. Un paquete de red especialmente manipulado puede provocar la ejecución de código. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1738 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1

A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability. Existe una vulnerabilidad de corrupción de memoria en la funcionalidad de análisis de encabezados de HTTP Server Host de Weston Embedded uC-HTTP v3.01.01. Un paquete de red especialmente manipulado puede provocar la ejecución de código. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1746 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0

Forcing the Bluetooth LE stack to segment 'prepare write response' packets can lead to an out-of-bounds memory access. Obligar a la pila Bluetooth LE a segmentar paquetes de "prepare write response" puede provocar un acceso a la memoria fuera de los límites. • https://github.com/SiliconLabs/gecko_sdk https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ViQvHQAV/?operationContext=S1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file. • https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000Wi3HwQAJ?operationContext=S1 https://github.com/SiliconLabs/gecko_sdk/releases • CWE-908: Use of Uninitialized Resource •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The initialization vector (IV) used by the secure engine (SE) for encrypting data stored in the SE flash memory is uninitialized. • https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000U2sFvQAJ?operationContext=S1 https://github.com/SiliconLabs/gecko_sdk • CWE-908: Use of Uninitialized Resource CWE-1204: Generation of Weak Initialization Vector (IV) •