VYPR
Vendor

Micrium

Products
3
CVEs
6
Across products
6
Status
Private

Products

3

Recent CVEs

6
  • CVE-2021-26706CriJan 24, 2022
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in lib_mem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: Mem_PoolCreate, Mem_DynPoolCreate, and Mem_DynPoolCreateHW.…

  • CVE-2022-24942CriNov 15, 2022
    risk 0.59cvss 9.1epss 0.02

    Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request.

  • CVE-2023-51391HigApr 16, 2024
    risk 0.49cvss 7.5epss 0.01

    A bug in Micrium OS Network HTTP Server permits an invalid pointer dereference during header processing - potentially allowing a device crash and Denial of Service.

  • CVE-2020-13583HigFeb 10, 2021
    risk 0.49cvss 7.5epss 0.02

    A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2020-13582HigJan 26, 2021
    risk 0.49cvss 7.5epss 0.03

    A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2021-27411MedMay 3, 2022
    risk 0.42cvss 6.5epss 0.01

    Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions Mem_DynPoolCreate, Mem_DynPoolCreateHW and Mem_PoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small…