Cesanta MJS 安全漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. Designed for microcontrollers with limited resources. The main design goals were a small footprint and simple C/C++ interoperability. A denial of service vulnerability exists in the Cesanta MJS mjsarraylength function,...

Microchip SAM 安全漏洞

Microchip SAM is a family of microprocessors and microcontrollers from Microchip Technology USA. A security vulnerability exists in the Microchip SAM family of products, which arises from a voltage spike during controller startup that allows access to the memory bus through the debug interface...

PT-2024-32667

Name of the Vulnerable Software and Affected Versions: Microchip SAM E70/S70/V70/V71 microcontrollers Microchip SAM G55 microcontrollers Microchip SAM 4C/4S/4N/4E microcontrollers Microchip SAM 3S/3N/3U microcontrollers Description: A voltage glitch during the startup of EEFC NVM controllers allo...

CVE-2024-32017

CVE-2024-32017 affects RIOT OS. The issue is a buffer overflow in gcoap DNS server proxy logic: a typo causes a length check of _uri instead of _proxy, risking overflow in subsequent strcpy. Additionally, _gcoap_forward_proxy_copy_options() lacks explicit bounds before copying into cep->req_et...

CVE-2024-32883

MCUboot is a secure bootloader for 32-bits microcontrollers. MCUboot uses a TLV tag-length-value structure to represent the meta data associated with an image. The TLVs themselves are divided into two sections, a protected and an unprotected section. The protected TLV entries are included as part...

MCUboot 安全漏洞

MCUboot is an open source secure bootloader for 32-bit microcontrollers from mcu-tools. A security vulnerability exists in MCUboot. No information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor announcements...

CVE-2024-29019

ESPHome is a system to control microcontrollers remotely through Home Automation systems. API endpoints in dashboard component of ESPHome version 2023.12.9 command line installation are vulnerable to Cross-Site Request Forgery CSRF allowing remote attackers to carry out attacks against a logged...

Code injection

FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affe...

CVE-2024-28115 Privilege Escalation in FreeRTOS Kernel ARMv7-M MPU ports and ARMv8-M ports with MPU support enabled

FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affe...

CVE-2024-28115 Privilege Escalation in FreeRTOS Kernel ARMv7-M MPU ports and ARMv8-M ports with MPU support enabled

FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affe...

Cesanta MJS Denial of Service Vulnerability (CNVD-2024-34384)

Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. Designed for microcontrollers with limited resources. The main design goals were a small footprint and simple C/C++ interoperability. Cesanta MJS has a denial of service vulnerability that can be exploited by an attacker...

Cesanta MJS 安全漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. Designed for microcontrollers with limited resources. The main design goals were a small footprint and simple C/C++ interoperability. Cesanta MJS has a denial of service vulnerability that can be exploited by an attacker...

Cesanta MJS 缓冲区错误漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A security vulnerability exists in Cesanta MJS version v.1.26. An attacker has...

Cesanta MJS Denial of Service Vulnerability (CNVD-2023-29378)

Cesanta MJS is a JavaScript engine designed for microcontrollers with limited resources. Cesanta MJS version 2.20.0 contains a denial of service vulnerability that can be exploited by attackers to launch a denial of service attack...

Cesanta MJS 安全漏洞

Cesanta MJS is a JavaScript engine designed for microcontrollers with limited resources. Cesanta MJS version 2.20.0 contains a denial of service vulnerability that can be exploited by attackers to launch a denial of service attack...

Google Teams Up with Ecosystem Partners to Enhance Security of SoC Processors

Google said it's working with ecosystem partners to harden the security of firmware that interacts with Android. While the Android operating system runs on what's called the application processor AP, it's just one of the many processors of a system-on-chip SoC that cater to various tasks like...

What’s the smallest variety of CHERI?

The Portmeirion project is a collaboration between Microsoft Research Cambridge, Microsoft Security Response Center, and Azure Silicon Engineering & Solutions. Over the past year, we have been exploring how to scale the key ideas from CHERI down to tiny cores on the scale of the cheapest...

What’s the smallest variety of CHERI?

The Portmeirion project is a collaboration between Microsoft Research Cambridge, Microsoft Security Response Center, and Azure Silicon Engineering & Solutions. Over the past year, we have been exploring how to scale the key ideas from CHERI down to tiny cores on the scale of the cheapest...

What’s the smallest variety of CHERI?

The Portmeirion project is a collaboration between Microsoft Research Cambridge, Microsoft Security Response Center, and Azure Silicon Engineering & Solutions. Over the past year, we have been exploring how to scale the key ideas from CHERI down to tiny cores on the scale of the cheapest...

Cesanta MJS 代码问题漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A security vulnerability exists in Cesanta MJS mJS: Restricted JavaScript engine...