EUVD-2022-29490

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-5167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as problematic. Affected by this vulnerability is the function...

CVE-2025-5167

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as problematic. Affected by this vulnerability is the function LWOImporter::GetS0 in the library assimp/code/AssetLib/LWO/LWOLoader.h. The manipulation of the argument out leads to out-of-bounds read. The...

CVE-2022-24611

Denial of Service DoS in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs...

CVE-2024-22472 Long S0 frames received by 500 series Z-Wave devices may cause buffer overflow

A buffer Overflow vulnerability in Silicon Labs 500 Series Z-Wave devices may allow Denial of Service, and potential Remote Code execution This issue affects all versions of Silicon Labs 500 Series SDK prior to v6.85.2 running on Silicon Labs 500 series Z-wave devices...

CVE-2023-4489

The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access...

CVE-2023-4489 Z/IP Gateway Use of Uninitialized PRNG when Generating S0 Encryption Key

The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access...

Silicon Labs Gecko SDK Security Vulnerability

The Silicon Labs Gecko SDK GSDK is an open source library from Silicon Labs. Combines the Silicon Labs Wireless Software Development Kit SDK and the Gecko platform into one integrated package. A security vulnerability exists in Silicon Labs Gecko SDK v7.18.3 and prior versions, which stems from a...

CVE-2023-0971

A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered...

CVE-2023-0971 Command Authentication Bypass in Z/IP Gateway

A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered...

CVE-2022-24611

Denial of Service DoS in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs...

Design/Logic Flaw

Denial of Service DoS in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs...

CVE-2022-24611

Denial of Service DoS in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs...

CVE-2022-24611

The vulnerability CVE-2022-24611 affects Silicon Labs Z-Wave 500 series devices, specifically the Z-Wave S0 NonceGet protocol. The root cause is a DoS condition where crafted S0 NonceGet Z-Wave packets, using included but absent NodeIDs, allow local attackers to block S0/S2 protected Z-Wave netwo...

CVE-2021-33317

The TRENDnet TI-PG1284i switchhw v2.0R prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an...

TRENDnet TI-PG Series 输入验证错误漏洞

The TRENDnet TI-PG Series is a series of switches from TRENDnet. A security vulnerability exists in TRENDnet TI-PG1284i versions prior to 2.0.2.S0, no details of the vulnerability are provided at this time...

TRENDnet TI-PG Series 输入验证错误漏洞

The TRENDnet TI-PG Series is a series of switches from TRENDnet. A security vulnerability exists in TRENDnet TI-PG1284i versions prior to 2.0.2.S0, no details of the vulnerability are provided at this time...

CVE-2018-25029

The Z-Wave specification requires that S2 security can be downgraded to S0 or other less secure protocols, allowing an attacker within radio range during pairing to downgrade and then exploit a different vulnerability CVE-2013-20003 to intercept and spoof traffic...

Code injection

Z-Wave devices from Sierra Designs circa 2013 and Silicon Labs using S0 security may use a known, shared network key of all zeros, allowing an attacker within radio range to spoof Z-Wave traffic...

CVE-2013-20003

Z-Wave devices from Sierra Designs circa 2013 and Silicon Labs using S0 security may use a known, shared network key of all zeros, allowing an attacker within radio range to spoof Z-Wave traffic...