Vulnerabilidades em Silicon Labs
50 resultadosCVE-2023-27882CRITICALA heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specEPSS 1.8%CVE-2023-45318CRITICALA heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A speciallEPSS 1.7%CVE-2023-25181CRITICALA heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted EPSS 1.7%CVE-2023-28379CRITICALA memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially craEPSS 1.7%CVE-2023-31247CRITICALA memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specialEPSS 1.7%CVE-2023-28391CRITICALA memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafEPSS 1.5%CVE-2023-24585HIGHAn out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted networEPSS 1.2%CVE-2024-23938HIGHSilicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution VulnerabilityEPSS 0.9%CVE-2020-9059—Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leadinEPSS 0.8%CVE-2023-39541MEDIUMA denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially craEPSS 0.8%CVE-2023-39540MEDIUMA denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially craEPSS 0.8%CVE-2024-22472HIGHLong S0 frames received by 500 series Z-Wave devices may cause buffer overflowEPSS 0.8%CVE-2020-9061—Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10EPSS 0.7%CVE-2020-10137—Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowEPSS 0.7%CVE-2022-24937MEDIUMMalformed Zigbee packet causes Assert in EmberZNet 7.0.0 or earlierEPSS 0.7%CVE-2018-25029—The Z-Wave specification requires that S2 security can be downgraded to S0 or other less secure protocols, allowing an attacker within radioEPSS 0.6%CVE-2023-41094CRITICALTouchlink authentication bypass due to packets processed after timeout or out of range in Ember ZNetEPSS 0.6%CVE-2013-20003—Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a known, shared network key of all zeros, allowEPSS 0.6%CVE-2020-9060—Z-Wave devices based on Silicon Labs 500 series chipsets using S2, including but likely not limited to the ZooZ ZST10 version 6.04, ZooZ ZENEPSS 0.5%CVE-2024-23973HIGHSilicon Labs Gecko OS HTTP GET Request Handling Stack-based Buffer OverflowEPSS 0.5%