Page 9 of 63 results (0.007 seconds)

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1

A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses. Un controlador Bluetooth malicioso o defectuoso puede provocar sobrelecturas del búfer en la mayoría de las funciones que procesan respuestas de comandos HCI. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8rpp-6vxq-pqg3 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

Inconsistent handling of error cases in bluetooth hci may lead to a double free condition of a network buffer. El manejo inconsistente de los casos de error en bluetooth hci puede provocar una condición doblemente libre de un búfer de red. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-w525-fm68-ppq3 • CWE-415: Double Free •

CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0

usb device bluetooth class includes a buffer overflow related to implementation of net_buf_add_mem. La clase bluetooth del dispositivo USB incluye un desbordamiento de búfer relacionado con la implementación de net_buf_add_mem. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hfxq-3w6x-fv2m • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

There is no check to see if slot 0 is being uploaded from the device to the host. When using encrypted images this means the unencrypted firmware can be retrieved easily. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wrj2-9vj9-rrcp • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

There is an error in the condition of the last if-statement in the function smp_check_keys. It was rejecting current keys if all requirements were unmet. Hay un error en la condición de la última declaración if en la función smp_check_keys. Rechazaba las claves actuales si no se cumplían todos los requisitos. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3286-jgjx-8cvr •