Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
st vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2021-34262
A buffer overflow vulnerability in the USBH_ParseEPDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows malicious users to execute arbitrary code.
St Stm32cube Middleware
2.1
CVSSv2
CVE-2021-34267
An in the USBH_MSC_InterfaceInit() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) when the system tries to communicate with the connected endpoint.
St Stm32cube Middleware
2.1
CVSSv2
CVE-2021-34268
An issue in the USBH_ParseDevDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) via a malformed USB device packet.
St Stm32cube Middleware
2.1
CVSSv2
CVE-2021-34261
An issue in USBH_ParseCfgDesc() of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service due to the system hanging when trying to set a remote wake-up feature.
St Stm32cube Middleware
3.6
CVSSv2
CVE-2021-29414
STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control.
St Stm32cubel4 Firmware
4.4
CVSSv2
CVE-2020-27212
STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by injecting a fault during the boot phase.
St Stm32cubel4 Firmware
5
CVSSv2
CVE-2020-8004
STMicroelectronics STM32F1 devices have Incorrect Access Control.
St Stm32f1 Firmware -
2 Github repositories
4.6
CVSSv2
CVE-2021-34260
A buffer overflow vulnerability in the USBH_ParseInterfaceDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows malicious users to execute arbitrary code.
St Stm32cube Middleware
7.2
CVSSv2
CVE-2020-13466
STMicroelectronics STM32F103 devices through 2020-05-20 allow physical malicious users to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration.
St Stm32f103 Firmware
1 Github repository
NA
CVE-2023-27450
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.29.2 versions.
Te-st Leyka
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »