CVSS: 8.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-45064
https://notcve.org/view.php?id=CVE-2024-45064
02 Apr 2025 — A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted set of network packets can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2096 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2024-50385
https://notcve.org/view.php?id=CVE-2024-50385
02 Apr 2025 — A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects X-CUBE-AZRTOS-F7 NetX Duo Component HTTP Server HTTP server v 1.1.0. This HTTP server implementation is contained in this file - x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\http\nxd_http_server.c • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2097 • CWE-459: Incomplete Cleanup •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2024-50384
https://notcve.org/view.php?id=CVE-2024-50384
02 Apr 2025 — A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects X-CUBE-AZRTOS-F7 NetX Duo Web Component HTTP server v 1.1.0. This HTTP server implementation is contained in this file - x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\web\nx_web_http_server.c • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2097 • CWE-459: Incomplete Cleanup •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2024-50595
https://notcve.org/view.php?id=CVE-2024-50595
02 Apr 2025 — An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.This vulnerability affects the NetX Duo Component HTTP Server implementation which can be found in x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\http\nxd_http_server.c • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2102 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2024-50594
https://notcve.org/view.php?id=CVE-2024-50594
02 Apr 2025 — An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.This vulnerability affects the NetX Duo Web Component HTTP Server implementation which can be found in x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\web\nx_web_http_server.c • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2102 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2024-50597
https://notcve.org/view.php?id=CVE-2024-50597
02 Apr 2025 — An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects the NetX Duo Component HTTP Server implementation which can be found in x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\http\nxd_http_server.c • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2103 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2024-50596
https://notcve.org/view.php?id=CVE-2024-50596
02 Apr 2025 — An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects the NetX Duo Web Component HTTP Server implementation which can be found in x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\web\nx_web_http_server.c • https://talosintelligence.com/vulnerability_reports/TALOS-2024-2103 • CWE-191: Integer Underflow (Wrap or Wraparound) •