Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zephyr vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-22892
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise up to and including 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.
Smartbear Zephyr Enterprise
NA
CVE-2021-3329
Lack of proper validation in HCI Host stack initialization can cause a crash of the bluetooth stack
Zephyrproject Zephyr 2.4.0
7.5
CVSSv2
CVE-2018-1000800
zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get() that can result in CPU Page Fault (error code 0x00000010). This attack appear to be exploitable via a malicious application call the vulnerable kernel APIs (s...
Zephyrproject Zephyr 1.12.0
2.1
CVSSv2
CVE-2020-2145
Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and previous versions stores its Zephyr password in plain text on the Jenkins master file system.
Jenkins Zephyr Enterprise Test Management
4.3
CVSSv2
CVE-2019-1003084
A cross-site request forgery vulnerability in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows malicious users to initiate a connection to an attacker-specified server.
Jenkins Zephyr Enterprise Test Management
4
CVSSv2
CVE-2019-1003085
A missing permission check in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.
Jenkins Zephyr Enterprise Test Management
2.1
CVSSv2
CVE-2020-2154
Jenkins Zephyr for JIRA Test Management Plugin 1.5 and previous versions stores its credentials in plain text in a global configuration file on the Jenkins master file system.
Jenkins Zephyr For Jira Test Management
4.3
CVSSv2
CVE-2020-2215
A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and previous versions allows malicious users to connect to an attacker-specified HTTP server using attacker-specified username and password.
Jenkins Zephyr For Jira Test Management
4
CVSSv2
CVE-2020-2216
A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified username and password.
Jenkins Zephyr For Jira Test Management
NA
CVE-2023-4261
HNS-2023-03 - HN Security Advisory - Multiple vulnerabilities in Zephyr RTOS
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »