16 matches found
PT-2025-41: The Twinkly Light Tree 3D firmware uses a vulnerable Blufi library
The vulnerability was identified in the Twinkly Light Tree 3D firmware, 2.8.18. An attacker within Bluetooth range, with physical access to a device running firmware prior to 2.9.0 and provisioning mode manually re-enabled could, in an attack scenario, interfere with the provisioning exchange and...
EUVD-2020-8112
Malware in sbrugna...
EUVD-2025-25514
Malicious code in bioql PyPI...
CVE-2025-55297
ESF-IDF is the Espressif Internet of Things IOT Development Framework. The BluFi example bundled in ESP-IDF was vulnerable to memory overflows in two areas: Wi-Fi credential handling and Diffie–Hellman key exchange. This vulnerability is fixed in 5.4.1, 5.3.3, 5.1.6, and 5.0.9...
CVE-2025-55297
ESF-IDF is the Espressif Internet of Things IOT Development Framework. The BluFi example bundled in ESP-IDF was vulnerable to memory overflows in two areas: Wi-Fi credential handling and Diffie–Hellman key exchange. This vulnerability is fixed in 5.4.1, 5.3.3, 5.1.6, and 5.0.9...
CVE-2025-55297
CVE-2025-55297 affects the ESP-IDF BluFi example in the Espressif IoT Development Framework (ESF-IDF). The issue is described as memory overflows in two areas: Wi‑Fi credential handling and Diffie–Hellman key exchange, with fixes released in ESP-IDF versions 5.4.1, 5.3.3, 5.1.6, and 5.0.9. Affect...
CVE-2025-55297 ESF-IDF BluFi Example Memory Overflow Vulnerability
ESF-IDF is the Espressif Internet of Things IOT Development Framework. The BluFi example bundled in ESP-IDF was vulnerable to memory overflows in two areas: Wi-Fi credential handling and Diffie–Hellman key exchange. This vulnerability is fixed in 5.4.1, 5.3.3, 5.1.6, and 5.0.9...
CVE-2025-55297 ESF-IDF BluFi Example Memory Overflow Vulnerability
ESF-IDF is the Espressif Internet of Things IOT Development Framework. The BluFi example bundled in ESP-IDF was vulnerable to memory overflows in two areas: Wi-Fi credential handling and Diffie–Hellman key exchange. This vulnerability is fixed in 5.4.1, 5.3.3, 5.1.6, and 5.0.9...
CVE-2025-55297 ESF-IDF BluFi Example Memory Overflow Vulnerability
ESF-IDF is the Espressif Internet of Things IOT Development Framework. The BluFi example bundled in ESP-IDF was vulnerable to memory overflows in two areas: Wi-Fi credential handling and Diffie–Hellman key exchange. This vulnerability is fixed in 5.4.1, 5.3.3, 5.1.6, and 5.0.9...
PT-2025-34229
Name of the Vulnerable Software and Affected Versions: ESP-IDF versions prior to 5.0.9 ESP-IDF versions 5.0.0 through 5.0.8 ESP-IDF versions 5.1.0 through 5.1.5 ESP-IDF versions 5.3.0 through 5.3.2 ESP-IDF versions 5.4.0 through 5.4.0 Description: The Espressif Internet of Things IOT Development...
CVE-2020-16146
Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through 4.0.1 has a Buffer Overflow in BluFi provisioning in btcblufirecvhandler function in blufiprf.c. An attacker can send a crafted BluFi protocol Write Attribute command to...
CVE-2020-16146
Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through 4.0.1 has a Buffer Overflow in BluFi provisioning in btcblufirecvhandler function in blufiprf.c. An attacker can send a crafted BluFi protocol Write Attribute command to...
CVE-2020-16146
Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through 4.0.1 has a Buffer Overflow in BluFi provisioning in btcblufirecvhandler function in blufiprf.c. An attacker can send a crafted BluFi protocol Write Attribute command to...
Buffer overflow
Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through 4.0.1 has a Buffer Overflow in BluFi provisioning in btcblufirecvhandler function in blufiprf.c. An attacker can send a crafted BluFi protocol Write Attribute command to...
CVE-2020-16146
ESP-IDF BluFi vulnerability CVE-2020-16146 affects ESP-IDF 2.x, 3.x up to 3.0.9/3.1.7/3.2.3/3.3.2 and 4.0.x up to 4.0.1. A buffer overflow occurs in BluFi provisioning, in btc_blufi_recv_handler (blufi_prf.c). An attacker can send a crafted BluFi protocol Write Attribute command to characteristic...
CVE-2020-16146
Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through 4.0.1 has a Buffer Overflow in BluFi provisioning in btcblufirecvhandler function in blufiprf.c. An attacker can send a crafted BluFi protocol Write Attribute command to...