Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-58565

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00328EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-58566

Malicious code in bioql PyPI...

8.8CVSS6.8AI score0.00712EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2024/07/23 12:0 a.m.7 views

The vulnerability of the development package for integrating cloud services and communication functions in IoT devices. The Kalay SDK, a microprogramming software for video surveillance cameras such as Owlet Cam v1, Owlet Cam v2, Wyze Cam v3, and Roku Indoor Camera SE, is related to the use of uninitialized variables, allowing attackers to disclose confidential information.

The vulnerability of the development package for integrating cloud services and communication functions in IoT devices is related to the use of uninitialized variables. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

8.5CVSS5.7AI score0.00712EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2024/05/15 1:15 p.m.20 views

CVE-2023-6324

ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity...

8.8CVSS8.1AI score0.00712EPSS
Exploits1References1
NVD
NVD
added 2024/05/15 1:15 p.m.17 views

CVE-2023-6323

ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server...

6.5CVSS4.6AI score0.00328EPSS
Exploits1References1
OSV
OSV
added 2024/05/15 1:15 p.m.8 views

CVE-2023-6323

ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server...

6.5CVSS5.8AI score0.00328EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/05/15 12:9 p.m.13 views

CVE-2023-6324 ThroughTek Kalay SDK error in handling the PSK identity

ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity...

8.1CVSS6.9AI score0.00712EPSS
Exploits1References1
CVE
CVE
added 2024/05/15 12:9 p.m.36 views

CVE-2023-6324

ThroughTek Kalay SDK (used in Owlet Cam, Wyze Cam v3, Roku Indoor Camera SE) has a DTLS PSK handling flaw: it uses a predictable PSK value when an unexpected PSK identity is encountered, potentially exposing protected information. Related sources cite affected Kalay SDK versions (3.x to 4.x) and ...

8.8CVSS6.8AI score0.00712EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/05/15 12:9 p.m.27 views

CVE-2023-6324 ThroughTek Kalay SDK error in handling the PSK identity

ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity...

8.1CVSS8.2AI score0.00712EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/05/15 12:8 p.m.17 views

CVE-2023-6323 ThroughTek Kalay SDK insufficient verification of message authenticity

ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server...

4.3CVSS5AI score0.00328EPSS
Exploits1References1
CVE
CVE
added 2024/05/15 12:8 p.m.35 views

CVE-2023-6323

CVE-2023-6323 affects ThroughTek Kalay SDK, where the SDK does not verify the authenticity of received messages, enabling an attacker to impersonate an authoritative server. Documentation consistently identifies this as a message-authentication failure with impact on confidentiality (through pote...

6.5CVSS6.8AI score0.00328EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/15 12:8 p.m.12 views

CVE-2023-6323 ThroughTek Kalay SDK insufficient verification of message authenticity

ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server...

4.3CVSS6.9AI score0.00328EPSS
Exploits1References1
Rows per page
Query Builder