Vulnerabilities > ST > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-04 | CVE-2021-43393 | Improper Verification of Cryptographic Signature vulnerability in ST J-Safe3 Firmware and Stsafe-J Firmware STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. | 1.9 |
2022-03-04 | CVE-2021-43392 | Improper Verification of Cryptographic Signature vulnerability in ST J-Safe3 Firmware and Stsafe-J Firmware STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. | 1.9 |
2021-07-22 | CVE-2021-34268 | Unspecified vulnerability in ST Stm32Cube Middleware An issue in the USBH_ParseDevDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) via a malformed USB device packet. | 2.1 |
2021-07-22 | CVE-2021-34267 | Unspecified vulnerability in ST Stm32Cube Middleware An in the USBH_MSC_InterfaceInit() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) when the system tries to communicate with the connected endpoint. | 2.1 |
2021-07-22 | CVE-2021-34261 | Unspecified vulnerability in ST Stm32Cube Middleware An issue in USBH_ParseCfgDesc() of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service due to the system hanging when trying to set a remote wake-up feature. | 2.1 |
2021-05-21 | CVE-2021-29414 | Injection vulnerability in ST Stm32Cubel4 Firmware STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control. | 3.6 |
2020-02-12 | CVE-2019-19192 | Improper Input Validation vulnerability in ST Bluenrg-2 and Wb55 The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly handle consecutive Attribute Protocol (ATT) requests on reception, allowing attackers in radio range to cause an event deadlock or crash via crafted packets. | 3.3 |