
CVE-2024-1638 – Bluetooth characteristic LESC security requirement not enforced without additional flags
https://notcve.org/view.php?id=CVE-2024-1638
19 Feb 2024 — The documentation specifies that the BT_GATT_PERM_READ_LESC and BT_GATT_PERM_WRITE_LESC defines for a Bluetooth characteristic: Attribute read/write permission with LE Secure Connection encryption. If set, requires that LE Secure Connections is used for read/write access, however this is only true when it is combined with other permissions, namely BT_GATT_PERM_READ_ENCRYPT/BT_GATT_PERM_READ_AUTHEN (for read) or BT_GATT_PERM_WRITE_ENCRYPT/BT_GATT_PERM_WRITE_AUTHEN (for write), if these additional permissions... • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p6f3-f63q-5mc2 • CWE-20: Improper Input Validation •

CVE-2023-5779 – can: out of bounds in remove_rx_filter function
https://notcve.org/view.php?id=CVE-2023-5779
18 Feb 2024 — can: out of bounds in remove_rx_filter function • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7cmj-963q-jj47 • CWE-787: Out-of-bounds Write •

CVE-2023-6249 – ipm: signed to unsigned conversion problem in esp32_ipm_send
https://notcve.org/view.php?id=CVE-2023-6249
18 Feb 2024 — Signed to unsigned conversion in esp32_ipm_send • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-32f5-3p9h-2rqc • CWE-704: Incorrect Type Conversion or Cast •

CVE-2023-6749 – Unchecked user input length in the Zephyr Settings Shell
https://notcve.org/view.php?id=CVE-2023-6749
18 Feb 2024 — Unchecked length coming from user input in settings shell • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-757h-rw37-66hw • CWE-121: Stack-based Buffer Overflow •