CVSS: 3.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41093 – Loss of confidentiality due to potential race condition in Bluetooth controller Connection_Handle reuse
https://notcve.org/view.php?id=CVE-2023-41093
12 Jul 2024 — Use After Free vulnerability in Silicon Labs Bluetooth SDK on 32 bit, ARM may allow an attacker with precise timing capabilities to intercept a small number of packets intended for a recipient that has left the network.This issue affects Silabs Bluetooth SDK: through 8.0.0. Vulnerabilidad de Use After Free en el SDK Bluetooth de Silicon Labs en 32 bits, ARM puede permitir que un atacante con capacidades de sincronización precisa intercepte una pequeña cantidad de paquetes destinados a un destinatario que ha... • https://community.silabs.com/068Vm000007v4HP • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23938 – Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23938
21 Jun 2024 — Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the debug interface. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. • https://community.silabs.com/a45Vm0000000Atp • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22472 – Long S0 frames received by 500 series Z-Wave devices may cause buffer overflow
https://notcve.org/view.php?id=CVE-2024-22472
07 May 2024 — A buffer Overflow vulnerability in Silicon Labs 500 Series Z-Wave devices may allow Denial of Service, and potential Remote Code execution This issue affects all versions of Silicon Labs 500 Series SDK prior to v6.85.2 running on Silicon Labs 500 series Z-wave devices. Una vulnerabilidad de desbordamiento de búfer en los dispositivos Z-Wave de la serie 500 de Silicon Labs puede permitir una denegación de servicio y una posible ejecución remota de código. Este problema afecta a todas las versiones del SDK de... • https://community.silabs.com/068Vm000004rZwm • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39541
https://notcve.org/view.php?id=CVE-2023-39541
20 Feb 2024 — A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv6 ICMPv6 packet. Existe una vulnerabilidad de denegación de servicio en la funcionalidad de análisis ICMP e ICMPv6 de Weston Embedded uC-TCP-IP v3.06.01. Un paquete de red es... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1828 • CWE-126: Buffer Over-read •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39540
https://notcve.org/view.php?id=CVE-2023-39540
20 Feb 2024 — A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv4 ICMP packet. Existe una vulnerabilidad de denegación de servicio en la funcionalidad de análisis ICMP e ICMPv6 de Weston Embedded uC-TCP-IP v3.06.01. Un paquete de red espe... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1828 • CWE-126: Buffer Over-read •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45318
https://notcve.org/view.php?id=CVE-2023-45318
20 Feb 2024 — A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico en la funcionalidad del servidor HTTP de Weston Embedded uC-HTTP git commit 80d4004. Un paquete de red especialmente manipulado puede provocar la ejecución de... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1843 • CWE-122: Heap-based Buffer Overflow •