Filtered by vendor Roku
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-6324 | 4 Owletcare, Roku, Throughtek and 1 more | 9 Cam, Cam 2, Cam 2 Firmware and 6 more | 2025-02-11 | 8.1 High |
| ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity | ||||
| CVE-2023-6323 | 4 Owletcare, Roku, Throughtek and 1 more | 9 Cam, Cam 2, Cam 2 Firmware and 6 more | 2025-02-11 | 4.3 Medium |
| ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server. | ||||
| CVE-2023-6322 | 3 Roku, Throughtek, Wyze | 5 Indoor Camera Se, Indoor Camera Se Firmware, Kalay Platform and 2 more | 2025-02-11 | 7.2 High |
| A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger this vulnerability. | ||||
| CVE-2022-27152 | 1 Roku | 11 Express, Express 4k\+, Roku Os and 8 more | 2024-11-21 | 5.7 Medium |
| Roku devices running RokuOS v9.4.0 build 4200 or earlier that uses a Realtek WiFi chip is vulnerable to Arbitrary file modification. | ||||
| CVE-2018-11314 | 1 Roku | 2 Roku, Roku Firmware | 2024-11-21 | N/A |
| The External Control API in Roku and Roku TV products allow unauthorized access via a DNS Rebind attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker. | ||||
Page 1 of 1.