Lucene search
K

58 matches found

CNNVD
CNNVD
added 2023/11/14 12:0 a.m.4 views

Micrium uC-HTTP Buffer Error Vulnerability

Micrium uC-HTTP is a software from Micrium USA that provides TCP/IP functionality for devices. The software is designed for embedded applications with a compact, reliable, high-performance TCP/IP stack with dual support for IPv4 and IPv6. A buffer error vulnerability exists in Micrium uC-HTTP...

9.8CVSS7.2AI score0.01209EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/11/14 12:0 a.m.4 views

Micrium uC-HTTP Security Vulnerability

Micrium uC-HTTP is a software from Micrium USA that provides TCP/IP functionality for devices. The software is designed for embedded applications with a compact, reliable, high-performance TCP/IP stack with dual support for IPv4 and IPv6. A security vulnerability exists in Micrium uC-HTTP version...

9.8CVSS7.3AI score0.01688EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.5 views

PT-2023-20830 · Silicon · Silicon Labs Gecko Sdk

Name of the Vulnerable Software and Affected Versions: Silicon Labs Gecko SDK versions 4.2.3 and earlier Description: The issue allows a connected device to write a payload onto the stack due to a buffer overflow in the Wi-Fi Commissioning MicriumOS example. Recommendations: For Silicon Labs Geck...

9.8CVSS7.7AI score0.00764EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2023/02/28 12:0 a.m.11 views

The vulnerability of the Micrium real-time operating system’s HTTP server allows attackers to execute arbitrary code.

The vulnerability of a real-time Micrium operating system’s HTTP server relates to buffer overflow attacks. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code by sending a specially crafted HTTP request...

10CVSS8.6AI score0.01862EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2022/11/15 9:15 p.m.28 views

CVE-2022-24942

Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request...

9.8CVSS0.01862EPSS
Exploits1References2
OSV
OSV
added 2022/11/15 9:15 p.m.3 views

CVE-2022-24942

Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request...

9.8CVSS6.5AI score0.01862EPSS
Exploits1References2
Prion
Prion
added 2022/11/15 9:15 p.m.21 views

Heap overflow

Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request...

7.5CVSS9.9AI score0.01862EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2022/11/15 12:0 a.m.2 views

Micrium uC-HTTP 缓冲区错误漏洞

Micrium uC-HTTP is a software from Micrium USA that provides TCP/IP functionality for devices. The software is designed for embedded applications with a compact, reliable, high-performance TCP/IP stack with dual support for IPv4 and IPv6. A security vulnerability exists in Micrium uC-HTTP version...

9.8CVSS9.4AI score0.01862EPSS
Exploits1References4
CVE
CVE
added 2022/11/02 9:4 p.m.88 views

CVE-2022-24942

CVE-2022-24942 affects Micrium uC-HTTP 3.01.01’s HTTP Server. The vulnerability is a heap-based buffer overflow in the server's HTTP handling, enabling remote code execution via a crafted HTTP request over the network. According to the connected sources, the impact can be high on confidentiality,...

9.8CVSS10AI score0.01862EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/02 12:0 a.m.9 views

PT-2022-6321 · Silicon +1 · Gecko Sdk +1

Name of the Vulnerable Software and Affected Versions: Micrium uC-HTTP version 3.01.01 Silicon Labs Gecko SDK affected versions not specified Description: The issue is related to a heap-based buffer overflow in the HTTP server functionality. This can be exploited by sending a specially crafted HT...

10CVSS9.7AI score0.01862EPSS
Exploits1References9
NVD
NVD
added 2022/05/03 9:15 p.m.35 views

CVE-2021-27411

Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...

6.5CVSS0.00827EPSS
Exploits0References2
OSV
OSV
added 2022/05/03 9:15 p.m.2 views

CVE-2021-27411

Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...

6.5CVSS5.9AI score0.00827EPSS
Exploits0References2
Prion
Prion
added 2022/05/03 9:15 p.m.18 views

Integer overflow

Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...

6.4CVSS7.1AI score0.00827EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/05/03 8:18 p.m.7 views

CVE-2021-27411 Micrium OS Integer Overflow or Wraparound

Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...

6.5CVSS7AI score0.00827EPSS
Exploits0References2
CVE
CVE
added 2022/05/03 8:18 p.m.109 views

CVE-2021-27411

CVE-2021-27411 affects Micrium OS versions 5.10.1 and earlier. The issue is an integer wrap-around in Mem_DynPoolCreate, Mem_DynPoolCreateHW and Mem_PoolCreate, causing unverified memory assignments that can allocate arbitrary memory sizes (e.g., very small blocks instead of very large blocks). T...

6.5CVSS6.8AI score0.00827EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/05/03 8:18 p.m.27 views

CVE-2021-27411 Micrium OS Integer Overflow or Wraparound

Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...

6.5CVSS6.7AI score0.00827EPSS
Exploits0References2
OSV
OSV
added 2022/01/24 1:15 a.m.3 views

CVE-2021-26706

An issue was discovered in libmem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: MemPoolCreate, MemDynPoolCreate, and MemDynPoolCreateHW. Because these functions...

9.8CVSS5.8AI score0.01939EPSS
Exploits0References3
NVD
NVD
added 2022/01/24 1:15 a.m.14 views

CVE-2021-26706

An issue was discovered in libmem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: MemPoolCreate, MemDynPoolCreate, and MemDynPoolCreateHW. Because these functions...

9.8CVSS0.01939EPSS
Exploits0References3
Prion
Prion
added 2022/01/24 1:15 a.m.9 views

Integer overflow

An issue was discovered in libmem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: MemPoolCreate, MemDynPoolCreate, and MemDynPoolCreateHW. Because these functions...

7.5CVSS9.4AI score0.01939EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/01/24 12:19 a.m.59 views

CVE-2021-26706

The CVE-2021-26706 issue affects Micrium uC/OS uC/LIB 1.38.x and 1.39.00, where Mem_PoolCreate, Mem_DynPoolCreate, and Mem_DynPoolCreateHW can overflow when pool sizes exceed address space due to multiplication in size calculations. This can yield a smaller-than-expected memory pool and may be ex...

9.8CVSS9.4AI score0.01939EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder