Vulnerabilities > ST
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2023-36629 | Out-of-bounds Read vulnerability in ST St54-Android-Packages-Apps-Nfc 1202021081921W33P1/1202021092921W39P0/1302022092922W39P0 The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read. | 5.5 |
| 2024-01-01 | CVE-2023-50096 | Classic Buffer Overflow vulnerability in ST X-Cube-Safea1 1.2.0 STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. | 7.5 |
| 2022-10-21 | CVE-2021-42553 | Classic Buffer Overflow vulnerability in ST Stm32 MW USB Host A buffer overflow vulnerability in stm32_mw_usb_host of STMicroelectronics in versions before 3.5.1 allows an attacker to execute arbitrary code when the descriptor contains more endpoints than USBH_MAX_NUM_ENDPOINTS. | 9.8 |
| 2022-03-04 | CVE-2021-43392 | Improper Verification of Cryptographic Signature vulnerability in ST J-Safe3 Firmware and Stsafe-J Firmware STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. | 1.9 |
| 2022-03-04 | CVE-2021-43393 | Improper Verification of Cryptographic Signature vulnerability in ST J-Safe3 Firmware and Stsafe-J Firmware STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. | 1.9 |
| 2021-07-22 | CVE-2021-34259 | Classic Buffer Overflow vulnerability in ST Stm32Cube Middleware A buffer overflow vulnerability in the USBH_ParseCfgDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code. | 4.6 |
| 2021-07-22 | CVE-2021-34260 | Classic Buffer Overflow vulnerability in ST Stm32Cube Middleware A buffer overflow vulnerability in the USBH_ParseInterfaceDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code. | 4.6 |
| 2021-07-22 | CVE-2021-34261 | Unspecified vulnerability in ST Stm32Cube Middleware An issue in USBH_ParseCfgDesc() of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service due to the system hanging when trying to set a remote wake-up feature. | 2.1 |
| 2021-07-22 | CVE-2021-34262 | Classic Buffer Overflow vulnerability in ST Stm32Cube Middleware A buffer overflow vulnerability in the USBH_ParseEPDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code. | 4.6 |
| 2021-07-22 | CVE-2021-34267 | Unspecified vulnerability in ST Stm32Cube Middleware An in the USBH_MSC_InterfaceInit() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) when the system tries to communicate with the connected endpoint. | 2.1 |