1791
|
9.8 |
CRITICAL
Network
d7y
|
dragonfly
|
Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2023-27584
|
2024-09-26 02:28 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1792
|
6.5 |
MEDIUM
Network
envoyproxy
|
envoy
|
Envoy is a cloud-native high-performance edge/middle/service proxy. A vulnerability has been identified in Envoy that allows malicious attackers to inject unexpected content into access logs. This is…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2024-45808
|
2024-09-26 02:18 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1793
|
5.3 |
MEDIUM
Network
jflow_project
|
jflow
|
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic. This issue affects the function AttachmentUploadController of the file /WF/Ath/EntityMutliFile_Load.…
|
NVD-CWE-Other
|
CVE-2024-9003
|
2024-09-26 02:18 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1794
|
- |
|
-
|
-
|
A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisc…
|
-
|
CVE-2024-20381
|
2024-09-26 02:15 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1795
|
- |
|
-
|
-
|
A memory leak in the Silicon Labs' Bluetooth stack for EFR32 products may cause memory to be exhausted when sending notifications to multiple clients, this results in all Bluetooth operations, such a…
|
-
|
CVE-2024-0240
|
2024-09-26 02:15 |
2024-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1796
|
7.5 |
HIGH
Adjacent
|
silabs
|
gecko_software_development_kit
|
A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code execution
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2023-6387
|
2024-09-26 02:15 |
2024-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1797
|
7.5 |
HIGH
Network
silabs
|
gecko_software_development_kit
|
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2023-41097
|
2024-09-26 02:15 |
2023-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1798
|
6.1 |
MEDIUM
Physics
|
silabs
|
emberznet_sdk
|
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules)
allows potential modification or extraction of network credentials stored i…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2023-41096
|
2024-09-26 02:15 |
2023-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1799
|
9.1 |
CRITICAL
Network
silabs
|
openthread_sdk
|
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2023-41095
|
2024-09-26 02:15 |
2023-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1800
|
9.8 |
CRITICAL
Network
silabs
|
gecko_bootloader
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware U…
|
CWE-787 CWE-120 CWE-494
Out-of-bounds Write Classic Buffer Overflow Download of Code Without Integrity Check
|
CVE-2023-4041
|
2024-09-26 02:15 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|