209 matches found
EUVD-2020-5842
Malware in sbrugna...
EUVD-2025-17140
Malicious code in bioql PyPI...
EUVD-2025-17128
Malicious code in bioql PyPI...
EUVD-2024-25308
Malicious code in bioql PyPI...
EUVD-2025-19059
Malicious code in bioql PyPI...
EUVD-2025-17121
Malicious code in bioql PyPI...
EUVD-2025-26385
Malicious code in bioql PyPI...
EUVD-2024-54052
Malicious code in bioql PyPI...
EUVD-2024-31192
Malicious code in bioql PyPI...
EUVD-2025-17126
Malicious code in bioql PyPI...
GHSA-MXH2-CCGJ-8635 ESP-IDF web_server basic auth bypass using empty or incomplete Authorization header
Summary On the ESP-IDF platform, ESPHome's webserver authentication check can pass incorrectly when the client-supplied base64-encoded Authorization value is empty or is a substring of the correct value e.g., correct username with partial password. This allows access to webserver functionality...
CVE-2025-55297 ESF-IDF BluFi Example Memory Overflow Vulnerability
ESF-IDF is the Espressif Internet of Things IOT Development Framework. The BluFi example bundled in ESP-IDF was vulnerable to memory overflows in two areas: Wi-Fi credential handling and Diffie–Hellman key exchange. This vulnerability is fixed in 5.4.1, 5.3.3, 5.1.6, and 5.0.9...
CVE-2025-52471
ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...
CVE-2025-52471
ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...
CVE-2025-52471 ESP-NOW Integer Underflow Vulnerability Advisory
ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...
CVE-2025-52471 ESP-NOW Integer Underflow Vulnerability Advisory
ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...
CVE-2025-52471
The CVE-2025-52471 affects ESP-IDF’s ESP-NOW protocol within the ESP-Wi‑Fi component for ESP-IDF versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6. Root cause: insufficient validation of the data_len parameter in the RX callback/data length handling leads to integer underflow, potentially causing out-of-bo...
CVE-2025-52471 ESP-NOW Integer Underflow Vulnerability Advisory
ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...
PT-2025-26778
Name of the Vulnerable Software and Affected Versions: ESF-IDF versions 5.1.6, 5.2.5, 5.3.3, and 5.4.1 Description: An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of the ESP-IDF framework. This issue stems from...
CVE-2025-41360
Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. The device is vulnerable to a packet flooding denial of service attack...