| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-53845 | AES/CBC Constant IV Vulnerability in ESPTouch v2 | espressif | esp-idf | 中危 | - | 2024-12-11 22:35:49 | Deep Dive |
| CVE-2024-42483 | ESP-NOW Replay Attacks Vulnerability | espressif | esp-now | Medium | 6.5 | 2024-09-12 14:12:18 | Deep Dive |
| CVE-2024-42484 | ESP-NOW OOB Vulnerability In Group Type Message | espressif | esp-now | Medium | 6.5 | 2024-09-12 14:12:13 | Deep Dive |
| CVE-2024-7269 | Stored XSS in ConnX ESP HR Management | ConnX | ESP HR Management | - | - | 2024-08-28 10:29:49 | Deep Dive |
| CVE-2024-28183 | Anti Rollback bypass with physical access and TOCTOU attack | espressif | esp-idf | Medium | 6.1 | 2024-03-25 14:31:28 | Deep Dive |
| CVE-2023-49262 | Buffer overflow vulnerability in Cookie authentication field | Hongdian | H8951-4G-ESP | 超危 | - | 2024-01-12 14:25:37 | Deep Dive |
| CVE-2023-49261 | Sensitive authentication-related value accessible publicly | Hongdian | H8951-4G-ESP | 高危 | - | 2024-01-12 14:25:27 | Deep Dive |
| CVE-2023-49260 | Stored cross-site scripting vulnerability | Hongdian | H8951-4G-ESP | 中危 | - | 2024-01-12 14:25:18 | Deep Dive |
| CVE-2023-49259 | Bruteforcing authentication cookie for a given user | Hongdian | H8951-4G-ESP | 高危 | - | 2024-01-12 14:25:12 | Deep Dive |
| CVE-2023-49258 | Reflected cross-site scripting vulnerability | Hongdian | H8951-4G-ESP | 中危 | - | 2024-01-12 14:24:57 | Deep Dive |
| CVE-2023-49257 | Command execution using the certificate upload utility | Hongdian | H8951-4G-ESP | 高危 | - | 2024-01-12 14:24:32 | Deep Dive |
| CVE-2023-49256 | Predictable encryption passphrase used in publicly accessible configuration file | Hongdian | H8951-4G-ESP | 高危 | - | 2024-01-12 14:24:20 | Deep Dive |
| CVE-2023-49255 | Router console accessible without authentication | Hongdian | H8951-4G-ESP | 超危 | - | 2024-01-12 14:23:54 | Deep Dive |
| CVE-2023-49254 | Command injection in the network test tools | Hongdian | H8951-4G-ESP | 高危 | - | 2024-01-12 14:23:42 | Deep Dive |
| CVE-2023-49253 | Predefined root password | Hongdian | H8951-4G-ESP | 超危 | - | 2024-01-12 14:23:27 | Deep Dive |
| CVE-2023-41357 | Galaxy Software Services Vitals ESP - Arbitrary File Upload | Galaxy Software Services | Vitals ESP | High | 8.8 | 2023-11-03 06:09:18 | Deep Dive |
| CVE-2023-37291 | Galaxy Software Services Vitals ESP - Use of Hard-coded Cryptographic Key | Galaxy Software Services | Vitals ESP | High | 8.6 | 2023-07-21 03:02:50 | Deep Dive |
| CVE-2023-30845 | ESPv2 vulnerable to JWT authentication bypass via `X-HTTP-Method-Override` header | GoogleCloudPlatform | esp-v2 | High | 8.2 | 2023-04-26 20:46:25 | Deep Dive |
| CVE-2022-46309 | Galaxy Software Services Corporation. Vitals ESP - Arbitrary Path File Reading | Galaxy Software Services Corporation. | Vitals ESP | Medium | 6.5 | 2023-01-03 00:00:00 | Deep Dive |
| CVE-2022-24893 | Espressif Bluetooth Mesh Stack Vulnerable to Out-of-bounds Write leading to memory buffer corruption | espressif | esp-idf | High | 7.5 | 2022-06-25 06:55:09 | Deep Dive |