Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

creative

Source -

NVD

BOS Name -

N/A

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated ProductsRelated AssignersReports
3Vulnerabilities found
CVE-2021-38546
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.29% / 52.13%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 15:25
Updated-04 Aug, 2024 | 01:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CREATIVE Pebble devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensity of a device's power indicator LED is correlative to the power consumption. The sound played by the speakers affects their power consumption and as a result is also correlative to the light intensity of the LEDs. By analyzing measurements obtained from an electro-optical sensor directed at the power indicator LEDs of the speakers, we can recover the sound played by them.

Action-Not Available
Vendor-creativen/a
Product-pebble_plus_firmwarepebble_v3pebble_v2pebble_v2_firmwarepebblepebble_pluspebble_firmwarepebble_v3_firmwaren/a
CVE-2010-0990
Assigner-Flexera Software LLC
ShareView Details
Assigner-Flexera Software LLC
CVSS Score-10||HIGH
EPSS-7.27% / 91.27%
||
7 Day CHG~0.00%
Published-14 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0, as used in Creative Software AutoUpdate 1.40.01, allows remote attackers to execute arbitrary code via vectors related to the BrowseFolder method.

Action-Not Available
Vendor-creativen/a
Product-autoupdateautoupdate_engine_activex_controln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-0955
Assigner-CERT/CC
ShareView Details
Assigner-CERT/CC
CVSS Score-9.3||HIGH
EPSS-73.96% / 98.77%
||
7 Day CHG~0.00%
Published-29 May, 2008 | 16:00
Updated-07 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the Creative Software AutoUpdate Engine ActiveX control in CTSUEng.ocx allows remote attackers to execute arbitrary code via a long CacheFolder property value.

Action-Not Available
Vendor-creativen/a
Product-creative_software_autoupdate_enginen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer