Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Weston-embedded Subscribe
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-28391 2 Silabs, Weston-embedded 3 Gecko Software Development Kit, Cesium Net, Uc-http 2023-12-10 N/A 9.8 CRITICAL
A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2023-25181 2 Silabs, Weston-embedded 3 Gecko Software Development Kit, Cesium Net, Uc-http 2023-12-10 N/A 9.8 CRITICAL
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2023-28379 2 Silabs, Weston-embedded 3 Gecko Software Development Kit, Cesium Net, Uc-http 2023-12-10 N/A 9.8 CRITICAL
A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2023-27882 2 Silabs, Weston-embedded 3 Gecko Software Development Kit, Cesium Net, Uc-http 2023-12-10 N/A 9.8 CRITICAL
A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2023-24585 2 Silabs, Weston-embedded 3 Gecko Software Development Kit, Cesium Net, Uc-http 2023-12-10 N/A 9.8 CRITICAL
An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.
CVE-2023-31247 2 Silabs, Weston-embedded 3 Gecko Software Development Kit, Cesium Net, Uc-http 2023-12-10 N/A 9.8 CRITICAL
A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2022-46377 1 Weston-embedded 1 Uc-ftps 2023-12-10 N/A 7.5 HIGH
An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs when no IP address argument is provided to the `PORT` command.
CVE-2022-41985 1 Weston-embedded 1 Uc-ftps 2023-12-10 N/A 7.5 HIGH
An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially crafted set of network packets can lead to authentication bypass and denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.
CVE-2022-46378 1 Weston-embedded 1 Uc-ftps 2023-12-10 N/A 7.5 HIGH
An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs when no port argument is provided to the `PORT` command.