ARM mbed TLS up to 2.7.17 LTS/2.16.8 LTS/2.24.x Diffie-Hellman Key Pair Generator mbedtls_mpi_exp_mod denial of service

A vulnerability was found in ARM mbed TLS up to 2.7.17 LTS/2.16.8 LTS/2.24.x. It has been rated as problematic. Affected by this issue is the function mbedtls_mpi_exp_mod of the component Diffie-Hellman Key Pair Generator. Upgrading to version 2.7.18 LTS, 2.16.9 LTS or 2.25.0 eliminates this vulnerability. The upgrade is hosted for download at github.com.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-27982 : SCHNEIDER ELECTRIC IGSS DATA SERVER/IGSS DASHBOARD/CUSTOM REPORTS UP TO 16.0.0.23040 DASHBOARD FILE DATA AUTHENTICITY

CVE-2023-27982 : SCHNEIDER ELECTRIC IGSS DATA SERVER/IGSS DASHBOARD/CUSTOM REPORTS UP TO 16.0.0.23040 DASHBOARD FILE DATA AUTHENTICITY

Description A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause manipulation of dashboard

CVE-2023-1501 : ROCKOA 2.3.2 ACLOUDCOSACTION.PHP.SQL RUNACTION FILEID UNRESTRICTED UPLOAD

CVE-2023-1501 : ROCKOA 2.3.2 ACLOUDCOSACTION.PHP.SQL RUNACTION FILEID UNRESTRICTED UPLOAD

Description A vulnerability, which was classified as critical, was found in RockOA 2.3.2. This affects the function runAction of the

CVE-2023-28116 : CONTIKI-NG UP TO 4.8/4.9 BLE L2CAP MODULE PACKETBUF_SIZE BUFFER OVERFLOW

CVE-2023-28116 : CONTIKI-NG UP TO 4.8/4.9 BLE L2CAP MODULE PACKETBUF_SIZE BUFFER OVERFLOW

Description Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices. In versions 4.8 and prior, an