Lucene search
+L

175 matches found

alpinelinux
alpinelinux
added 2025/11/21 10:50 p.m.4 views

CVE-2025-12888

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of...

7.5CVSS6.8AI score0.00274EPSS
Exploits0
cvelist
cvelist
added 2025/11/21 10:50 p.m.15 views

CVE-2025-12888 Constant Time Issue with Xtensa-based ESP32 and X22519

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of...

1CVSS0.00274EPSS
Exploits0References1
osv
osv
added 2025/11/21 10:50 p.m.5 views

CVE-2025-12888 Constant Time Issue with Xtensa-based ESP32 and X22519

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of...

1CVSS6.1AI score0.00274EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/11/21 10:50 p.m.2 views

CVE-2025-12888 Constant Time Issue with Xtensa-based ESP32 and X22519

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of...

1CVSS6.4AI score0.00274EPSS
Exploits0References1
cve
cve
added 2025/11/21 9:33 p.m.23 views

CVE-2025-65092

ESF-IDF (Espressif IoT Development Framework) contains a vulnerability in the ESP32-P4 hardware JPEG decoder where the software JPEG parser lacks validation, allowing an out-of-bounds array access when processing crafted images. Affected versions are 5.5.1, 5.4.3, and 5.3.4; mitigations are fixes...

6.9CVSS6.6AI score0.0032EPSS
Exploits0References5
cvelist
cvelist
added 2025/11/21 9:33 p.m.13 views

CVE-2025-65092 ESP32-P4 JPEG Decoder Header Parsing Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, and 5.3.4, when the ESP32-P4 uses its hardware JPEG decoder, the software parser lacks necessary validation checks. A specially crafted malicious JPEG image could exploit the parsing routine and trigg...

6.9CVSS0.0032EPSS
Exploits0References5
euvd
euvd
added 2025/11/21 9:33 p.m.5 views

EUVD-2025-198514

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, and 5.3.4, when the ESP32-P4 uses its hardware JPEG decoder, the software parser lacks necessary validation checks. A specially crafted malicious JPEG image could exploit the parsing routine and trigg...

6.9CVSS6.5AI score0.0032EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2025/11/21 9:33 p.m.6 views

CVE-2025-65092 ESP32-P4 JPEG Decoder Header Parsing Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, and 5.3.4, when the ESP32-P4 uses its hardware JPEG decoder, the software parser lacks necessary validation checks. A specially crafted malicious JPEG image could exploit the parsing routine and trigg...

6.9CVSS6.6AI score0.0032EPSS
Exploits0References5
osv
osv
added 2025/11/21 9:33 p.m.7 views

CVE-2025-65092 ESP32-P4 JPEG Decoder Header Parsing Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, and 5.3.4, when the ESP32-P4 uses its hardware JPEG decoder, the software parser lacks necessary validation checks. A specially crafted malicious JPEG image could exploit the parsing routine and trigg...

6.9CVSS6.8AI score0.0032EPSS
Exploits0References7
redhatcve
redhatcve
added 2025/11/18 6:2 p.m.7 views

CVE-2025-64342

ESF-IDF is the Espressif Internet of Things IOT Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address AA of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. In this case, the controller may incorrectly...

6.9CVSS6.8AI score0.00389EPSS
Exploits0References1
nvd
nvd
added 2025/11/17 6:15 p.m.6 views

CVE-2025-64342

ESF-IDF is the Espressif Internet of Things IOT Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address AA of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. In this case, the controller may incorrectly...

6.9CVSS0.00389EPSS
Exploits0References7
cvelist
cvelist
added 2025/11/17 5:21 p.m.8 views

CVE-2025-64342 ESF-IDF's ESP32 Bluetooth Controller Has an Invalid Access Address Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address AA of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. In this case, the controller may incorrectly...

6.9CVSS0.00389EPSS
Exploits0References7
euvd
euvd
added 2025/10/07 12:30 a.m.10 views

EUVD-2021-14838

Malware in sbrugna...

8.8CVSS8.6AI score0.0139EPSS
Exploits0References5
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7795

Malware in sbrugna...

4.6CVSS5AI score0.00245EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-6805

Malware in sbrugna...

7.2CVSS6.6AI score0.00464EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-20835

Malware in sbrugna...

7.8CVSS7.6AI score0.01471EPSS
Exploits1References3
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-3404

Malware in sbrugna...

9.1CVSS9AI score0.00737EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.12 views

EUVD-2025-19198

Malicious code in bioql PyPI...

9.3CVSS6.6AI score0.00396EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-28668

Malicious code in bioql PyPI...

6.3CVSS6.5AI score0.00227EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-20306

Malicious code in bioql PyPI...

8.7CVSS6.5AI score0.00299EPSS
Exploits0References2
Rows per page
Query Builder