161 matches found
PYSEC-2023-258
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function pollsetaddfd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The...
PYSEC-2023-256
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function pollsetaddfd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The...
PYSEC-2023-259
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function pollsetaddfd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The...
Design/Logic Flaw
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function pollsetaddfd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The...
PYSEC-2023-257
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function pollsetaddfd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The...
PYSEC-2023-258
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function pollsetaddfd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The...
PYSEC-2023-259
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function pollsetaddfd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The...
UBUNTU-CVE-2023-7152
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function pollsetaddfd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The...
CVE-2023-7152 MicroPython modselect.c poll_set_add_fd use after free
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function pollsetaddfd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The...
CVE-2023-7152
CVE-2023-7152 affects MicroPython 1.21.0 and 1.22.0-preview. The issue lies in poll_set_add_fd (extmod/modselect.c), where a use-after-free condition is triggered. The vulnerability has had an exploit disclosed publicly. A patch is identified as 8b24aa36ba978eafc6114b6798b47b7bfecdca26, and Fedor...
CVE-2023-7158
A vulnerability was found in MicroPython up to 1.21.0. It has been classified as critical. Affected is the function sliceindices of the file objslice.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public...
MicroPython Resource Management Error Vulnerability
MicroPython is a small open source Python programming language interpreter open-sourced by MicroPython. A resource management error vulnerability exists in MicroPython version 1.21.0 and 1.22.0-preview, which stems from the function pollsetaddfd in the file extmod/modselect.c that can lead to reu...
MicroPython Security Vulnerabilities
MicroPython is a small open source Python programming language interpreter open-sourced by MicroPython. A security vulnerability exists in MicroPython 1.21.0 and earlier versions, which stems from a function sliceindices in the file objslice.c that causes a heap-based buffer overflow...
CVE-2023-7152
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function pollsetaddfd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The...
PT-2023-32911 · Unknown · Micropython
Name of the Vulnerable Software and Affected Versions: MicroPython versions 1.21.0 through 1.22.0-preview Description: A critical issue has been found in the function poll set add fd of the file extmod/modselect.c, leading to use after free. The exploit has been disclosed to the public and may be...
esp-flasher (>=1.1.1 <=1.1.2), esphome (>=1.12.0 <=2023.12.9) +15 more potentially affected by CVE-2023-46894 via esptool (>=2.6.0 <=4.6.2)
esptool PYPI version =2.6.0, =1.1.1, =1.12.0, =1.1.0, =0.1.0, =0.1.0, =1.0.106, =1.19.0, =1.20.3, =0.2.0, =0.1.1.dev1, =0.6.0, =0.1.0, =0.24.0, =1.0.3, =1.0.1, =1.0.180 and more Source cves: CVE-2023-46894 Source advisory: OSV:GHSA-3F38-96QM-R3FW...
OPENSUSE-SU-2022:10183-1 Security update for pyenv
This update for pyenv fixes the following issues: Update to 2.3.5 - Add CPython 3.10.7 by @edgarrmondragon in 2454 - Docs: update Fish PATH update by @gregorias in 2449 - Add CPython 3.7.14, 3.8.14 and 3.9.14 by @edgarrmondragon in 2456 - Update miniconda3-3.9-4.12.0 by @Tsuki in 2460 - Add CPyth...
Security update for pyenv (moderate)
openSUSE Security Update: Security update for pyenv Announcement ID: openSUSE-SU-2022:10183-1 Rating: moderate References: 1201582 Cross-References: CVE-2022-35861 CVSS scores: CVE-2022-35861 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP4 A...
CVE-2021-42553
A buffer overflow vulnerability in stm32mwusbhost of STMicroelectronics in versions before 3.5.1 allows an attacker to execute arbitrary code when the descriptor contains more endpoints than USBHMAXNUMENDPOINTS. The library is typically integrated when using a RTOS such as FreeRTOS on STM32 MCUs...
Malicious code in @micropython/fetlife-assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c5d60cc11be7eba3c3a3dae9ac1729ef98bacdf43f44f7c29fde0de4b212965f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...