Lucene search
K

159 matches found

CNNVD
CNNVD
added 2024/03/27 12:0 a.m.4 views

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS open-sourced by RT-Thread. A security vulnerability exists in RT-Thread version 5.0.2, which stems from the calcrandom method in drivers/misc/rtrandom.c that uses a weak algorithm to generate random numbers...

7.5CVSS6.7AI score0.00816EPSS
Exploits0References5
CVE
CVE
added 2024/03/27 12:0 a.m.77 views

CVE-2024-24334

RT-Thread suffers a heap buffer overflow in dfs_v2 dfs_file (through version 5.0.2). The issue arises from improper validation of input data length in the dfs_v2/dfs_file path, enabling memory corruption that can lead to code execution or a denial of service. Affected software: RT-Thread RTOS; vu...

8.4CVSS7.3AI score0.00404EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.3 views

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS open-sourced by RT-Thread. RT-Thread suffers from a buffer overflow vulnerability that stems from dfsv2 dfsfile failing to properly validate the length size of input data, which can be exploited by a remote attacker to execute...

8.4CVSS8.1AI score0.00404EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.3 views

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS open-sourced by RT-Thread. RT-Thread suffers from a buffer overflow vulnerability that stems from net/at/src/atserver.c failing to properly validate the length size of input data, which can be exploited by remote attackers to execute...

9.8CVSS8.1AI score0.0107EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/03/27 12:0 a.m.9 views

CVE-2024-25390

A heap buffer overflow occurs in finsh/mshfile.c and finsh/msh.c in RT-Thread through 5.0.2...

7.5AI score0.00323EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.4 views

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A security vulnerability exists in RT-Thread version 5.0.2, which stems from an incorrect sprintf call or a missing "" character, resulting in a buffer overflow...

4.3CVSS7AI score0.00637EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.5 views

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A security vulnerability exists in RT-Thread version 5.0.2, which stems from a stack-based buffer overflow in libc/posix/ipc/mqueue.c. The vulnerability is caused by the presence of a stack-based buffer...

8.4CVSS7.2AI score0.00323EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.3 views

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS open-sourced by RT-Thread. RT-Thread suffers from a buffer overflow vulnerability that stems from the dfsv2 romfs file failing to properly validate the length size of input data, which can be exploited by remote attackers to execute...

8.4CVSS8.1AI score0.00404EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/03/27 12:0 a.m.13 views

CVE-2024-24335

A heap buffer overflow occurs in the dfsv2 romfs filesystem RT-Thread through 5.0.2...

7.5AI score0.00404EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/03/27 12:0 a.m.18 views

CVE-2024-25392

An out-of-bounds access occurs in utilities/varexport/varexport.c in RT-Thread through 5.0.2...

7AI score0.0028EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/03/27 12:0 a.m.11 views

CVE-2024-25394

A buffer overflow occurs in utilities/ymodem/rysy.c in RT-Thread through 5.0.2 because of an incorrect sprintf call or a missing '\0' character...

7.4AI score0.00637EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.4 views

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A security vulnerability exists in RT-Thread version 5.0.2, which stems from a heap-based buffer overflow in finsh/mshfile.c and finsh/msh.c. The vulnerability is caused by the presence of a heap-based...

8.4CVSS7.2AI score0.00323EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/03/27 12:0 a.m.18 views

CVE-2024-25388

drivers/wlan/wlanmgmt,c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow...

7.2AI score0.00323EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.4 views

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A security vulnerability exists in RT-Thread version 5.0.2, which stems from a heap-based buffer overflow in drivers/wlan/wlanmgmt.c. The vulnerability is caused by the presence of a heap-based buffer...

8.4CVSS7.2AI score0.00323EPSS
Exploits0References5
CVE
CVE
added 2024/03/27 12:0 a.m.80 views

CVE-2024-25394

The CVE-2024-25394 issue affects RT-Thread RTOS up to version 5.0.2, specifically in utilities/ymodem/ry_sy.c, caused by an incorrect sprintf call or a missing '\0'. The buffer overflow is documented across multiple sources (NVD/Red Hat/OSV/CVE records) with no public exploit details provided in ...

4.3CVSS7.3AI score0.00637EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2024/03/27 12:0 a.m.16 views

CVE-2024-25390

A heap buffer overflow occurs in finsh/mshfile.c and finsh/msh.c in RT-Thread through 5.0.2...

7.4AI score0.00323EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/03/27 12:0 a.m.20 views

CVE-2024-24334

A heap buffer overflow occurs in dfsv2 dfsfile in RT-Thread through 5.0.2...

7.3AI score0.00404EPSS
Exploits0References6
CVE
CVE
added 2024/03/27 12:0 a.m.87 views

CVE-2024-25393

The CVE-2024-25393 entry concerns RT-Thread up to version 5.0.2, where a stack buffer overflow exists in net/at/src/at_server.c due to insufficient validation of input length. This vulnerability can enable remote attackers to execute arbitrary code or cause a denial of service. The CVSS score is ...

9.8CVSS7.3AI score0.0107EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.2 views

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A security vulnerability exists in RT-Thread version 5.0.2, which stems from an out-of-bounds access in utilities/varexport/varexport.c. The vulnerability is caused by an out-of-bounds access in...

5.9CVSS6.8AI score0.0028EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/03/27 12:0 a.m.15 views

CVE-2024-25389

RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L seed + 2531011L; return seed 16 & 0x7FFF;" in calcrandom in drivers/misc/rtrandom.c...

6.9AI score0.00816EPSS
Exploits0References5
Rows per page
Query Builder