Lucene search
+L

235 matches found

OSV
OSV
added 2021/12/19 7:44 p.m.27 views

GSD-2021-1002608 iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda

iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.8 by commit...

7.1AI score
Exploits0
OSV
OSV
added 2021/12/19 7:40 p.m.13 views

GSD-2021-1002521 iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda

iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.85 by commit...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2021/07/22 12:0 a.m.4 views

STMicroelectronics STM32Cube 安全漏洞

The Stmicroelectronics STMicroelectronics STM32Cube is a microcontroller for embedded systems from STMicroelectronics Switzerland. A security vulnerability exists in the USBHMSCInterfaceInit function in STMicroelectronics STM32Cube Middleware v1.8.0 and earlier versions, which can lead to a denia...

4.6CVSS5.2AI score0.00354EPSS
Exploits1References2
OSV
OSV
added 2021/05/31 3:39 p.m.10 views

GSD-2021-1000294 spi: stm32: Fix use-after-free on unbind

spi: stm32: Fix use-after-free on unbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...

7.3AI score
Exploits0
OSV
OSV
added 2021/05/31 3:39 p.m.19 views

GSD-2021-1000391 spi: stm32: Fix use-after-free on unbind

spi: stm32: Fix use-after-free on unbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...

7.3AI score
Exploits0
OSV
OSV
added 2021/05/31 3:39 p.m.5 views

UVI-2021-1000391 spi: stm32: Fix use-after-free on unbind

spi: stm32: Fix use-after-free on unbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2021/01/20 3:42 p.m.43 views

CVE-2020-20949

Bleichenbacher's attack on PKCS 1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32Cube UM1924. The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the...

5.6AI score0.00919EPSS
Exploits0References3
CVE
CVE
added 2021/01/20 3:42 p.m.74 views

CVE-2020-20949

Technical details for CVE-2020-20949 are not publicly available in the provided documents. Monitor for updates from vendors/authorities; current sources repeat the vulnerability description without concrete specifics (affected products, versions, or fixes).

5.9CVSS5.5AI score0.00919EPSS
Exploits0References3Affected Software21
CNNVD
CNNVD
added 2021/01/20 12:0 a.m.9 views

Stmicroelectronics Stm32 Crypto Library Package Encryption Problem Vulnerability

The Stmicroelectronics Stm32 Crypto Library Package is a code library from Stmicroelectronics, Inc. that provides cryptographic functionality for the Stm32 family of microcontrollers. The Stmicroelectronics Stm32 Crypto Library Package is vulnerable to a cryptographic issue that could allow an...

5.9CVSS6.3AI score0.00919EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2021/01/20 12:0 a.m.6 views

PT-2021-10560

Name of the Vulnerable Software and Affected Versions: STM32 cryptographic firmware library software expansion for STM32Cube UM1924 affected versions not specified Description: The issue concerns Bleichenbacher's attack on PKCS 1 v1.5 padding for RSA, which can be exploited using Bleichenbacher's...

5.9CVSS6.3AI score0.00919EPSS
Exploits0References11
CNVD
CNVD
added 2020/04/07 12:0 a.m.7 views

STMicroelectronics STM32F1 Information Disclosure Vulnerability

The STMicroelectronics STM32F1 is an ARM Cortex M3-based 32-bit microcontroller from STMicroelectronics, Switzerland. An information disclosure vulnerability exists in the STMicroelectronics STM32F1 that stems from improper access control. An attacker could exploit the vulnerability to gain acces...

7.5CVSS6.5AI score0.02989EPSS
Exploits1References1
Prion
Prion
added 2019/09/12 6:15 p.m.18 views

Code injection

On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection PCROP a software IP protection method can be defeated by observing CPU registers and the effect of code/instruction execution...

7.5CVSS9.5AI score0.02261EPSS
Exploits1References1
CVE
CVE
added 2019/09/12 5:43 p.m.147 views

CVE-2019-14236

The CVE-2019-14236 entry concerns STMicroelectronics STM32L0/L1/L4/F4/F7/H7 microcontrollers where Proprietary Code Read Out Protection (PCROP) can be defeated by observing CPU registers and the effects of code execution. Affected components are PCROP-protected regions on these devices, with the ...

9.8CVSS9.5AI score0.02261EPSS
Exploits1References1Affected Software1
exploitpack
exploitpack
added 2017/04/06 12:0 a.m.95 views

Cesanta Mongoose OS - Use-After-Free

Cesanta Mongoose OS - Use-After-Free COMPASS SECURITY ADVISORY https://www.compass-security.com/en/research/advisories/ Product: Mongoose OS Vendor: Cesanta CVE ID: CVE-2017-7185 CSNC ID: CSNC-2017-003 Subject: Use-after-free / Denial of Service Risk: Medium Effect: Remotely exploitable Authors:...

5CVSS0.12251EPSS
Exploits5
0day.today
0day.today
added 2017/04/06 12:0 a.m.97 views

Cesanta Mongoose OS - Use-After-Free Vulnerability

Exploit for hardware platform in category dos / poc Product: Mongoose OS Vendor: Cesanta CVE ID: CVE-2017-7185 CSNC ID: CSNC-2017-003 Subject: Use-after-free / Denial of Service Risk: Medium Effect: Remotely exploitable Authors: Philipp Promeuschel Carel van Rooyen Stephan Sekula Date: 2017-04-03...

5CVSS7.6AI score0.12251EPSS
Exploits5
Rows per page
Query Builder