1931
|
- |
|
-
|
-
|
A memory leak in the Silicon Labs' Bluetooth stack for EFR32 products may cause memory to be exhausted when sending notifications to multiple clients, this results in all Bluetooth operations, such a…
|
-
|
CVE-2024-0240
|
2024-09-26 02:15 |
2024-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1932
|
7.5 |
HIGH
Adjacent
|
silabs
|
gecko_software_development_kit
|
A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code execution
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2023-6387
|
2024-09-26 02:15 |
2024-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1933
|
7.5 |
HIGH
Network
silabs
|
gecko_software_development_kit
|
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2023-41097
|
2024-09-26 02:15 |
2023-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1934
|
6.1 |
MEDIUM
Physics
|
silabs
|
emberznet_sdk
|
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules)
allows potential modification or extraction of network credentials stored i…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2023-41096
|
2024-09-26 02:15 |
2023-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1935
|
9.1 |
CRITICAL
Network
silabs
|
openthread_sdk
|
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2023-41095
|
2024-09-26 02:15 |
2023-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1936
|
9.8 |
CRITICAL
Network
silabs
|
gecko_bootloader
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware U…
|
CWE-787 CWE-120 CWE-494
Out-of-bounds Write Classic Buffer Overflow Download of Code Without Integrity Check
|
CVE-2023-4041
|
2024-09-26 02:15 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1937
|
6.5 |
MEDIUM
Adjacent
|
silabs
|
bluetooth_low_energy_software_development_kit
|
A memory leak in the EFR32 Bluetooth LE stack 5.1.0 through 5.1.1 allows an attacker to send an invalid pairing message and cause future legitimate connection attempts to fail. A reset of the device …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2023-2683
|
2024-09-26 02:15 |
2023-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1938
|
7.5 |
HIGH
Network
envoyproxy
|
envoy
|
Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's 1.31 is using `oghttp` as the default HTTP/2 codec, and there are potential bugs around stream management in the codec. To …
|
NVD-CWE-noinfo
|
CVE-2024-45807
|
2024-09-26 02:12 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1939
|
5.4 |
MEDIUM
Network
|
cryoutcreations
|
kahuna
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Kahuna allows Stored XSS.This issue affects Kahuna: from n/a through 1.7.0.
|
CWE-79
Cross-site Scripting
|
CVE-2024-43994
|
2024-09-26 02:09 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1940
|
7.5 |
HIGH
Network
trianglemicroworks siemens
|
iec_61850_source_code_library sicam_a8000_firmware sicam_scc_firmware sicam_egs_firmware sicam_s8000 sitipe_at
|
Triangle Microworks TMW IEC 61850 Client source code libraries before 12.2.0 lack a buffer size check when processing received messages. The resulting buffer overflow can cause a crash, resulting in …
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-34057
|
2024-09-26 02:08 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|