23 matches found
EUVD-2023-45617
Malicious code in bioql PyPI...
EUVD-2023-44147
Malicious code in bioql PyPI...
CVE-2023-41097
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0...
CVE-2023-41097
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0...
CVE-2023-41097
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0...
Buffer overflow
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0...
CVE-2023-41097 Potential Timing vulnerability in CBC PKCS7 padding calculations
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0...
CVE-2023-41097
CVE-2023-41097 concerns Silicon Labs Gecko SDK (GSDK) on ARM, where an Observable Timing Discrepancy could enable a Padding Oracle crypto attack against CBC PKCS7. Affected component is the GSDK up to and including version 4.4.0. The root cause is a timing discrepancy that leaks information durin...
CVE-2023-41097 Potential Timing vulnerability in CBC PKCS7 padding calculations
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0...
PT-2023-27783 · Silicon · Silabs Gsdk
Name of the Vulnerable Software and Affected Versions: Silabs GSDK versions through 4.4.0 Description: The issue is related to an Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM. This vulnerability potentially allows a Padding Oracle Crypto Attack on CBC...
CVE-2023-3488
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file...
CVE-2023-3488
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file...
Code injection
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file...
CVE-2023-3488 Uninitialized variable in Gecko Bootloader can leak secure stack
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file...
CVE-2023-3488 Uninitialized variable in Gecko Bootloader can leak secure stack
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file...
CVE-2023-3488
CVE-2023-3488 affects Silicon Labs Gecko SDK (GSDK) up to v4.3.0, where an uninitialized buffer in the GBL parser can allow a attacker to leak data from the Secure stack via a malformed GBL file. The vulnerability is triggered when processing a GBL file, with local attack vector and required user...
PT-2023-25045 · Silicon · Silicon Labs Gsdk
Name of the Vulnerable Software and Affected Versions: Silicon Labs GSDK versions 4.3.0 and earlier Description: The issue is related to an uninitialized buffer in the GBL parser, which allows an attacker to leak data from the Secure stack by using a malformed GBL file. Recommendations: For Silic...
CVE-2023-32100 Key duplication in GSDK
Compiler removal of buffer clearing in slisedrivermaccompute in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM...
CVE-2023-32099 Key duplication in GSDK
Compiler removal of buffer clearing in slisesignhash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM...
CVE-2023-32098 Key duplication in GSDK
Compiler removal of buffer clearing in slisesignmessage in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM...