Filtered by vendor Zephyrproject
Subscriptions
Total
110 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-0396 | 1 Zephyrproject | 1 Zephyr | 2025-04-03 | 6.8 Medium |
| A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses. | ||||
| CVE-2022-3806 | 1 Zephyrproject | 1 Zephyr | 2025-04-03 | 9.8 Critical |
| Inconsistent handling of error cases in bluetooth hci may lead to a double free condition of a network buffer. | ||||
| CVE-2023-0397 | 1 Zephyrproject | 1 Zephyr | 2025-04-03 | 9.6 Critical |
| A malicious / defect bluetooth controller can cause a Denial of Service due to unchecked input in le_read_buffer_size_complete. | ||||
| CVE-2023-7060 | 1 Zephyrproject | 1 Zephyr | 2025-03-27 | 8.6 High |
| Zephyr OS IP packet handling does not properly drop IP packets arriving on an external interface with a source address equal to 127.0.01 or the destination address. | ||||
| CVE-2021-3329 | 1 Zephyrproject | 1 Zephyr | 2025-03-11 | 9.6 Critical |
| Lack of proper validation in HCI Host stack initialization can cause a crash of the bluetooth stack | ||||
| CVE-2025-1673 | 1 Zephyrproject | 1 Zephyr | 2025-02-28 | 8.2 High |
| A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash (denial of service) or an incorrect computation. | ||||
| CVE-2025-1674 | 1 Zephyrproject | 1 Zephyr | 2025-02-28 | 8.2 High |
| A lack of input validation allows for out of bounds reads caused by malicious or malformed packets. | ||||
| CVE-2023-5753 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | 6.3 Medium |
| Potential buffer overflows in the Bluetooth subsystem due to asserts being disabled in /subsys/bluetooth/host/hci_core.c | ||||
| CVE-2023-5139 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | 4.4 Medium |
| Potential buffer overflow vulnerability at the following location in the Zephyr STM32 Crypto driver | ||||
| CVE-2023-4260 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | 6.3 Medium |
| Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system. | ||||
| CVE-2023-4265 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | 6.4 Medium |
| Potential buffer overflow vulnerabilities in the following locations: https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis... https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis.c#L841 | ||||
| CVE-2023-4263 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | 7.6 High |
| Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nRF 15.4 driver | ||||
| CVE-2023-4259 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | 7.1 High |
| Two potential buffer overflow vulnerabilities at the following locations in the Zephyr eS-WiFi driver source code. | ||||
| CVE-2023-4257 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | 7.6 High |
| Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows. | ||||
| CVE-2023-3725 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | 7.6 High |
| Potential buffer overflow vulnerability in the Zephyr CAN bus subsystem | ||||
| CVE-2023-0779 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | 6.7 Medium |
| At the most basic level, an invalid pointer can be input that crashes the device, but with more knowledge of the device’s memory layout, further exploitation is possible. | ||||
| CVE-2024-11263 | 2 Zephyrproject, Zephyrproject-rtos | 2 Zephyr, Zephyr | 2025-02-03 | 9.4 Critical |
| When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols. | ||||
| CVE-2024-3332 | 1 Zephyrproject | 1 Zephyr | 2025-02-03 | 6.5 Medium |
| A malicious BLE device can send a specific order of packet sequence to cause a DoS attack on the victim BLE device | ||||
| CVE-2024-3077 | 1 Zephyrproject | 1 Zephyr | 2025-01-23 | 6.8 Medium |
| An malicious BLE device can crash BLE victim device by sending malformed gatt packet | ||||
| CVE-2023-6881 | 1 Zephyrproject | 1 Zephyr | 2025-01-23 | 7.3 High |
| Possible buffer overflow in is_mount_point | ||||