|
1731
|
5.3 |
MEDIUM
Network
jflow_project
|
jflow
|
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic. This issue affects the function AttachmentUploadController of the file /WF/Ath/EntityMutliFile_Load.…
|
NVD-CWE-Other
|
CVE-2024-9003
|
2024-09-26 02:18 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1732
|
- |
|
-
|
-
|
A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisc…
|
-
|
CVE-2024-20381
|
2024-09-26 02:15 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1733
|
- |
|
-
|
-
|
A memory leak in the Silicon Labs' Bluetooth stack for EFR32 products may cause memory to be exhausted when sending notifications to multiple clients, this results in all Bluetooth operations, such a…
|
-
|
CVE-2024-0240
|
2024-09-26 02:15 |
2024-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1734
|
7.5 |
HIGH
Adjacent
|
silabs
|
gecko_software_development_kit
|
A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code execution
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2023-6387
|
2024-09-26 02:15 |
2024-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1735
|
7.5 |
HIGH
Network
silabs
|
gecko_software_development_kit
|
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2023-41097
|
2024-09-26 02:15 |
2023-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1736
|
6.1 |
MEDIUM
Physics
|
silabs
|
emberznet_sdk
|
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules)
allows potential modification or extraction of network credentials stored i…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2023-41096
|
2024-09-26 02:15 |
2023-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1737
|
9.1 |
CRITICAL
Network
silabs
|
openthread_sdk
|
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2023-41095
|
2024-09-26 02:15 |
2023-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1738
|
9.8 |
CRITICAL
Network
silabs
|
gecko_bootloader
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware U…
|
CWE-787
CWE-120
CWE-494
Out-of-bounds Write
Classic Buffer Overflow
Download of Code Without Integrity Check
|
CVE-2023-4041
|
2024-09-26 02:15 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1739
|
6.5 |
MEDIUM
Adjacent
|
silabs
|
bluetooth_low_energy_software_development_kit
|
A memory leak in the EFR32 Bluetooth LE stack 5.1.0 through 5.1.1 allows an attacker to send an invalid pairing message and cause future legitimate connection attempts to fail. A reset of the device …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2023-2683
|
2024-09-26 02:15 |
2023-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1740
|
7.5 |
HIGH
Network
envoyproxy
|
envoy
|
Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's 1.31 is using `oghttp` as the default HTTP/2 codec, and there are potential bugs around stream management in the codec. To …
|
NVD-CWE-noinfo
|
CVE-2024-45807
|
2024-09-26 02:12 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
