Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nxp mcuxpresso software development kit vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-27421
NXP MCUXpresso SDK versions before 2.8.2 are vulnerable to integer overflow in SDK_Malloc function, which could allow to access memory locations outside the bounds of a specified array, leading to unexpected behavior such segmentation fault when assigning a particular block of me...
Nxp Mcuxpresso Software Development Kit
1 Github repository
8.8
CVSSv3
CVE-2019-17519
The Bluetooth Low Energy implementation on NXP SDK up to and including 2.2.1 for KW41Z devices does not properly restrict the Link Layer payload length, allowing attackers in radio range to cause a buffer overflow via a crafted packet.
Nxp Mcuxpresso Software Development Kit
7.8
CVSSv3
CVE-2021-38258
NXP MCUXpresso SDK v2.7.0 exists to contain a buffer overflow in the function USB_HostProcessCallback().
Nxp Mcuxpresso Software Development Kit 2.7.0
7.8
CVSSv3
CVE-2021-38260
NXP MCUXpresso SDK v2.7.0 exists to contain a buffer overflow in the function USB_HostParseDeviceConfigurationDescriptor().
Nxp Mcuxpresso Software Development Kit 2.7.0
6.5
CVSSv3
CVE-2019-17060
The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z (based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and previous versions) does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a...
Nxp Mcuxpresso Software Development Kit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6267
XML injection
CVE-2024-37673
CVE-2024-6266
CVE-2024-30078
arbitrary
CVE-2024-36886
CVE-2024-5346
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started