CVE Tools

st

Operating SystemsCHcommercial

14

Cumulative CVEs

3

Monthly snapshots

#70

Peak rank

Top products

x-cube-azrt-h7rs7 x-cube-azrtos-f47 x-cube-azrtos-f77

Latest CVEs

The 15 most recently published vulnerabilities affecting st.

CVE-2024-45064A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted set of network packets can lead to code ex...8.5Apr 2, 2025
CVE-2024-50385A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of servi...6.5Apr 2, 2025
CVE-2024-50384A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of servi...6.5Apr 2, 2025
CVE-2024-50595An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denia...4.3Apr 2, 2025
CVE-2024-50594An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denia...4.3Apr 2, 2025
CVE-2024-50597An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service...4.3Apr 2, 2025
CVE-2024-50596An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service...4.3Apr 2, 2025
CVE-2023-36629The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read.5.5Jan 9, 2024
CVE-2023-50096STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeA_ReceiveBytes buf...7.5Jan 1, 2024
CVE-2021-42553STM32 USB Host Library Buffer Overflow6.8Oct 21, 2022
CVE-2021-43392STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. This is associated with the ECDSA signature algorithm on the J...6.2Mar 4, 2022
CVE-2021-43393STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE...6.2Mar 4, 2022
CVE-2021-34268An issue in the USBH_ParseDevDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) via a malformed USB device packet.4.6Jul 22, 2021
CVE-2021-34267An in the USBH_MSC_InterfaceInit() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) when the system tries to communicate with the connected endp...4.6Jul 22, 2021
CVE-2021-34262A buffer overflow vulnerability in the USBH_ParseEPDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code.6.8Jul 22, 2021