3 matches found
CVE-2025-68622 Espressif ESP-IDF USB Host UVC Class Driver has a stack buffer overflow in UVC descriptor printing
Espressif ESP-IDF USB Host UVC Class Driver allows video streaming from USB cameras. Prior to 2.4.0, a vulnerability in the esp-usb UVC host implementation allows a malicious USB Video Class UVC device to trigger a stack buffer overflow during configuration-descriptor parsing. When UVC...
CVE-2025-68474
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...
The vulnerability of the environment loader for IoT application development, esp-idf, allows a attacker to bypass anti-rollback protection.
The vulnerability of the IoT application development environment loader espressif esp-idf is related to state management errors. Exploiting this vulnerability could allow an attacker to bypass anti-rollback protection mechanisms...