Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zephyr vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-22891
There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise up to and including 7.15.0 that could be exploited by authorized users to reset passwords for other accounts.
Smartbear Zephyr Enterprise
NA
CVE-2023-22892
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise up to and including 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.
Smartbear Zephyr Enterprise
668
VMScore
CVE-2018-1000800
zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get() that can result in CPU Page Fault (error code 0x00000010). This attack appear to be exploitable via a malicious application call the vulnerable kernel APIs (s...
Zephyrproject Zephyr 1.12.0
383
VMScore
CVE-2019-1003084
A cross-site request forgery vulnerability in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows malicious users to initiate a connection to an attacker-specified server.
Jenkins Zephyr Enterprise Test Management
356
VMScore
CVE-2019-1003085
A missing permission check in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.
Jenkins Zephyr Enterprise Test Management
187
VMScore
CVE-2020-2145
Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and previous versions stores its Zephyr password in plain text on the Jenkins master file system.
Jenkins Zephyr Enterprise Test Management
187
VMScore
CVE-2020-2154
Jenkins Zephyr for JIRA Test Management Plugin 1.5 and previous versions stores its credentials in plain text in a global configuration file on the Jenkins master file system.
Jenkins Zephyr For Jira Test Management
383
VMScore
CVE-2020-2215
A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and previous versions allows malicious users to connect to an attacker-specified HTTP server using attacker-specified username and password.
Jenkins Zephyr For Jira Test Management
356
VMScore
CVE-2020-2216
A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified username and password.
Jenkins Zephyr For Jira Test Management
NA
CVE-2023-4261
HNS-2023-03 - HN Security Advisory - Multiple vulnerabilities in Zephyr RTOS
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »