23 matches found
EUVD-2024-39642
Malicious code in bioql PyPI...
EUVD-2025-19059
Malicious code in bioql PyPI...
CVE-2025-52471
ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...
CVE-2025-52471
ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...
CVE-2025-52471 ESP-NOW Integer Underflow Vulnerability Advisory
ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...
CVE-2025-52471
The CVE-2025-52471 affects ESP-IDF’s ESP-NOW protocol within the ESP-Wi‑Fi component for ESP-IDF versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6. Root cause: insufficient validation of the data_len parameter in the RX callback/data length handling leads to integer underflow, potentially causing out-of-bo...
CVE-2025-52471 ESP-NOW Integer Underflow Vulnerability Advisory
ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...
CVE-2025-52471 ESP-NOW Integer Underflow Vulnerability Advisory
ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...
PT-2025-26778
Name of the Vulnerable Software and Affected Versions: ESF-IDF versions 5.1.6, 5.2.5, 5.3.3, and 5.4.1 Description: An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of the ESP-IDF framework. This issue stems from...
CVE-2024-42484
ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An Out-of-Bound OOB vulnerability was discovered in the implementation of the ESP-NOW group type message because there is no check for the addrsnum field of the group type message. This can result in memory corruption relat...
Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries
Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification MMS protocol that, if successfully exploited, could have severe impacts in industrial environments. "The vulnerabilities could allow an attacker to crash an industrial...
CVE-2024-42483
ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An replay attacks vulnerability was discovered in the implementation of the ESP-NOW because the caches is not differentiated by message types, it is a single, shared resource for all kinds of messages, whether they are...
CVE-2024-42484
ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An Out-of-Bound OOB vulnerability was discovered in the implementation of the ESP-NOW group type message because there is no check for the addrsnum field of the group type message. This can result in memory corruption relat...
CVE-2024-42483 ESP-NOW Replay Attacks Vulnerability
ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An replay attacks vulnerability was discovered in the implementation of the ESP-NOW because the caches is not differentiated by message types, it is a single, shared resource for all kinds of messages, whether they are...
CVE-2024-42483 ESP-NOW Replay Attacks Vulnerability
ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An replay attacks vulnerability was discovered in the implementation of the ESP-NOW because the caches is not differentiated by message types, it is a single, shared resource for all kinds of messages, whether they are...
CVE-2024-42483
ESP-NOW replay attacks vulnerability in its implementation arises because the cache is shared for all message types (broadcast, unicast, ciphertext, plaintext) and is not differentiated by type. Affected: ESP-NOW component (ESP32/ESP-NOW protocol). Impact: attacker could clear legitimate entries ...
CVE-2024-42483 ESP-NOW Replay Attacks Vulnerability
ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An replay attacks vulnerability was discovered in the implementation of the ESP-NOW because the caches is not differentiated by message types, it is a single, shared resource for all kinds of messages, whether they are...
CVE-2024-42484
CVE-2024-42484 affects the ESP-NOW component, where the group-type message handling fails to validate the addrs_num field. This omission allows a crafted group message to be larger than the allocated buffer, causing memory corruption. The vulnerability is rooted in the mismatch between addrs_num ...
CVE-2024-42484 ESP-NOW OOB Vulnerability In Group Type Message
ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An Out-of-Bound OOB vulnerability was discovered in the implementation of the ESP-NOW group type message because there is no check for the addrsnum field of the group type message. This can result in memory corruption relat...
CVE-2024-42484 ESP-NOW OOB Vulnerability In Group Type Message
ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An Out-of-Bound OOB vulnerability was discovered in the implementation of the ESP-NOW group type message because there is no check for the addrsnum field of the group type message. This can result in memory corruption relat...