CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20046
https://notcve.org/view.php?id=CVE-2024-20046
In battery, there is a possible escalation of privilege due to an integer overflow. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3077 – Bluetooth: integer underflow in gatt_find_info_rsp
https://notcve.org/view.php?id=CVE-2024-3077
An malicious BLE device can crash BLE victim device by sending malformed gatt packet Un dispositivo BLE malicioso puede bloquear el dispositivo víctima de BLE al enviar un paquete gatt con formato incorrecto • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gmfv-4vfh-2mh8 • CWE-126: Buffer Over-read CWE-190: Integer Overflow or Wraparound •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2212 – Integer wraparounds, under-allocations, and heap buffer overflows in Eclipse ThreadX xQueueCreate() and xQueueCreateSet()
https://notcve.org/view.php?id=CVE-2024-2212
This could lead to integer wraparound, under-allocations and heap buffer overflows. ... Eclipse ThreadX versions prior to 6.4.0 suffers from a missing array size check causing a memory overwrite, missing parameter checks leading to integer wraparound, under allocations, heap buffer overflows, and more. • https://github.com/W01fh4cker/CVE-2024-22120-RCE http://seclists.org/fulldisclosure/2024/May/35 http://www.openwall.com/lists/oss-security/2024/05/28/1 https://github.com/eclipse-threadx/threadx/security/advisories/GHSA-v9jj-7qjg-h6g6 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2214 – Missing array size check in _Mtxinit() in the Xtensa port
https://notcve.org/view.php?id=CVE-2024-2214
El archivo afectado era ports/xtensa/xcc/src/tx_clib_lock.c Eclipse ThreadX versions prior to 6.4.0 suffers from a missing array size check causing a memory overwrite, missing parameter checks leading to integer wraparound, under allocations, heap buffer overflows, and more. • https://github.com/RandomRobbieBF/CVE-2024-22145 http://seclists.org/fulldisclosure/2024/May/35 http://www.openwall.com/lists/oss-security/2024/05/28/1 https://github.com/eclipse-threadx/threadx/security/advisories/GHSA-vmp6-qhp9-r66x • CWE-129: Improper Validation of Array Index •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2452 – Integer wraparound, under-allocation, and heap buffer overflow in Eclipse ThreadX NetX Duo __portable_aligned_alloc()
https://notcve.org/view.php?id=CVE-2024-2452
In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of __portable_aligned_alloc() could cause an integer wrap-around and an allocation smaller than expected. ... Eclipse ThreadX versions prior to 6.4.0 suffers from a missing array size check causing a memory overwrite, missing parameter checks leading to integer wraparound, under allocations, heap buffer overflows, and more. • https://github.com/xF-9979/CVE-2024-24520 http://seclists.org/fulldisclosure/2024/May/35 http://www.openwall.com/lists/oss-security/2024/05/28/1 https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-h963-7vhw-8rpx • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound •