Vulnerabilities > ST > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2023-36629 | Out-of-bounds Read vulnerability in ST St54-Android-Packages-Apps-Nfc 1202021081921W33P1/1202021092921W39P0/1302022092922W39P0 The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read. | 5.5 |
| 2022-03-04 | CVE-2021-43392 | Improper Verification of Cryptographic Signature vulnerability in ST J-Safe3 Firmware and Stsafe-J Firmware STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. | 6.2 |
| 2022-03-04 | CVE-2021-43393 | Improper Verification of Cryptographic Signature vulnerability in ST J-Safe3 Firmware and Stsafe-J Firmware STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. | 6.2 |
| 2021-07-22 | CVE-2021-34259 | Classic Buffer Overflow vulnerability in ST Stm32Cube Middleware A buffer overflow vulnerability in the USBH_ParseCfgDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code. | 6.8 |
| 2021-07-22 | CVE-2021-34260 | Classic Buffer Overflow vulnerability in ST Stm32Cube Middleware A buffer overflow vulnerability in the USBH_ParseInterfaceDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code. | 6.8 |
| 2021-07-22 | CVE-2021-34261 | Unspecified vulnerability in ST Stm32Cube Middleware An issue in USBH_ParseCfgDesc() of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service due to the system hanging when trying to set a remote wake-up feature. low complexity st | 4.6 |
| 2021-07-22 | CVE-2021-34262 | Classic Buffer Overflow vulnerability in ST Stm32Cube Middleware A buffer overflow vulnerability in the USBH_ParseEPDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code. | 6.8 |
| 2021-07-22 | CVE-2021-34267 | Unspecified vulnerability in ST Stm32Cube Middleware An in the USBH_MSC_InterfaceInit() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) when the system tries to communicate with the connected endpoint. low complexity st | 4.6 |
| 2021-07-22 | CVE-2021-34268 | Unspecified vulnerability in ST Stm32Cube Middleware An issue in the USBH_ParseDevDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) via a malformed USB device packet. low complexity st | 4.6 |
| 2021-05-21 | CVE-2021-29414 | Injection vulnerability in ST Stm32Cubel4 Firmware STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control. | 6.1 |