Lucene search
+L

28 matches found

euvd
euvd
added yesterday5 views

EUVD-2025-210469

A reachable assertion vulnerability exists in the Matter SDK connectedhomeip before 1.4.2, specifically within the Level Control cluster's periodic server tick logic. When a MoveToLevel command is sent and immediately followed by a write of OperationMode=2 in the Pump Configuration and Control...

7.5CVSS6.1AI score0.00214EPSS
Exploits0References3
euvd
euvd
added yesterday5 views

EUVD-2025-210468

A reachable assertion vulnerability exists in the Matter SDK connectedhomeip 1.3 thru 1.4, specifically within the Level Control cluster's server tick logic emberAfLevelControlClusterServerTickCallback. When a MoveToLevel command is executed and followed by a conflicting write to the OperationMod...

7.5CVSS6AI score0.00207EPSS
Exploits0References3
nvd
nvd
added 2 days ago8 views

CVE-2025-56362

A reachable assertion vulnerability exists in the Matter SDK connectedhomeip before 1.4.2, specifically within the Level Control cluster's periodic server tick logic. When a MoveToLevel command is sent and immediately followed by a write of OperationMode=2 in the Pump Configuration and Control...

7.5CVSS0.00214EPSS
Exploits0References2
nvd
nvd
added 2 days ago5 views

CVE-2025-56361

A reachable assertion vulnerability exists in the Matter SDK connectedhomeip 1.3 thru 1.4, specifically within the Level Control cluster's server tick logic emberAfLevelControlClusterServerTickCallback. When a MoveToLevel command is executed and followed by a conflicting write to the OperationMod...

7.5CVSS0.00207EPSS
Exploits0References2
cve
cve
added 2 days ago7 views

CVE-2025-56361

Summary: A reachable assertion vulnerability exists in the Matter SDK (connectedhomeip) 1.3–1.4 within the Level Control cluster server tick logic (emberAfLevelControlClusterServerTickCallback). If a MoveToLevel command is followed by a conflicting write to the OperationMode attribute in the Pump...

7.5CVSS6AI score0.00207EPSS
Exploits0References2
cvelist
cvelist
added 2 days ago32 views

CVE-2025-56361

A reachable assertion vulnerability exists in the Matter SDK connectedhomeip 1.3 thru 1.4, specifically within the Level Control cluster's server tick logic emberAfLevelControlClusterServerTickCallback. When a MoveToLevel command is executed and followed by a conflicting write to the OperationMod...

0.00207EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2 days ago8 views

PT-2026-58846

Name of the Vulnerable Software and Affected Versions Matter SDK connectedhomeip versions prior to 1.4.2 Description A reachable assertion issue exists within the Level Control cluster's periodic server tick logic. A remote, unauthenticated attacker can cause a denial of service by sending a...

6.1AI score0.00214EPSS
Exploits0References4
nvd
nvd
added 2026/06/25 2:16 p.m.7 views

CVE-2026-47152

In EmberZNet v9.0.2 and earlier, a malformed Level Control Move command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted...

7.1CVSS0.00249EPSS
Exploits0References2
nvd
nvd
added 2026/06/25 2:16 p.m.9 views

CVE-2026-47153

In EmberZNet v9.0.2 and earlier, a malformed Level Control Step command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted...

7.1CVSS0.00249EPSS
Exploits0References2
cve
cve
added 2026/06/25 1:42 p.m.26 views

CVE-2026-47153

CVE-2026-47153 affects the EmberZNet stack (v9.0.2 and earlier) where a malformed Level Control Step command can terminate the process via a divide-by-zero fault. The issue requires the sender to be a device that has already joined the network and impacts devices that support the Level Control cl...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/25 1:42 p.m.35 views

CVE-2026-47153 Level Control Step With On/Off divide-by-zero in EmberZNet v9.0.2

In EmberZNet v9.0.2 and earlier, a malformed Level Control Step command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted...

7.1CVSS0.00249EPSS
Exploits0References2
euvd
euvd
added 2026/06/25 1:42 p.m.7 views

EUVD-2026-39353

In EmberZNet v9.0.2 and earlier, a malformed Level Control Step command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2
cve
cve
added 2026/06/25 1:41 p.m.19 views

CVE-2026-47152

CVE-2026-47152 affects EmberZNet v9.0.2 and earlier. A malformed Level Control Move command (from a device already joined to the network, impacting devices that support the Level Control cluster) can trigger a divide-by-zero fault, terminating the process. Impact is aligned with the CVSS data: hi...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2Affected Software1
euvd
euvd
added 2026/06/25 1:41 p.m.8 views

EUVD-2026-39407

In EmberZNet v9.0.2 and earlier, a malformed Level Control Move command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/25 1:41 p.m.35 views

CVE-2026-47152 Level Control Move divide-by-zero in EmberZNet v9.0.2

In EmberZNet v9.0.2 and earlier, a malformed Level Control Move command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted...

7.1CVSS0.00249EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/03/25 12:0 a.m.8 views

PT-2026-28116

IBM Concert 1.0.0 through 2.2.0 could allow a local user to obtain sensitive information due to missing function level access control...

5.1CVSS5.8AI score0.00147EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/01/09 8:57 a.m.5 views

CVE-2023-4149

A vulnerability in the web-based management allows an unauthenticated remote attacker to inject arbitrary system commands and gain full system control. Those commands are executed with root privileges. The vulnerability is located in the user request handling of the web-based management...

9.8CVSS7.5AI score0.01116EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-34390

Malicious code in bioql PyPI...

7.1CVSS6.5AI score0.00275EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 7:3 a.m.8 views

CVE-2024-11166

For TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F, an attacker can impersonate a ground station and issue a Comm-A Identity Request. This action can set the Sensitivity Level Control SLC to the lowest setting and disable the Resolution Advisory RA, leading to a...

7.1CVSS6.8AI score0.00275EPSS
Exploits0References1
cve
cve
added 2025/01/22 6:40 p.m.53 views

CVE-2024-11166

The CVE-2024-11166 entry concerns TCAS II systems whose transponders are compliant with MOPS prior to RTCA DO-181F. The vulnerability enables an attacker to impersonate a ground station and issue a Comm-A Identity Request, which can set the Sensitivity Level Control (SLC) to the lowest setting an...

7.1CVSS6.5AI score0.00275EPSS
Exploits0References1
Rows per page
Query Builder