Vulnerabilities > Silabs > Gecko Software Development KIT > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-02 CVE-2023-4280 Unspecified vulnerability in Silabs Gecko Software Development KIT
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.
network
low complexity
silabs
critical
 9.8
9.8
2023-12-15 CVE-2023-4020 Unspecified vulnerability in Silabs Gecko Software Development KIT
An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of memory.
network
low complexity
silabs
critical
 9.1
9.1
2023-11-14 CVE-2023-31247 Out-of-bounds Write vulnerability in multiple products
A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01.
network
low complexity
weston-embedded silabs CWE-787
critical
 9.8
9.8
2023-11-14 CVE-2023-28391 Out-of-bounds Write vulnerability in multiple products
A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01.
network
low complexity
weston-embedded silabs CWE-787
critical
 9.8
9.8
2023-11-14 CVE-2023-28379 Out-of-bounds Write vulnerability in multiple products
A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01.
network
low complexity
weston-embedded silabs CWE-787
critical
 9.8
9.8
2023-11-14 CVE-2023-27882 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01.
network
low complexity
weston-embedded silabs CWE-787
critical
 9.8
9.8
2023-11-14 CVE-2023-25181 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01.
network
low complexity
weston-embedded silabs CWE-787
critical
 9.8
9.8
2023-11-14 CVE-2023-24585 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01.
network
low complexity
weston-embedded silabs CWE-787
critical
 9.8
9.8
2023-06-15 CVE-2023-2686 Classic Buffer Overflow vulnerability in Silabs Gecko Software Development KIT
Buffer overflow in Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier allows connected device to write payload onto the stack.
network
low complexity
silabs CWE-120
critical
 9.8
9.8