Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zephyr vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-22890
SmartBear Zephyr Enterprise up to and including 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition.
Smartbear Zephyr Enterprise
NA
CVE-2023-22892
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise up to and including 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.
Smartbear Zephyr Enterprise
409
VMScore
CVE-2020-10058
Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions.
Zephyrproject Zephyr 2.1.0
187
VMScore
CVE-2020-2145
Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and previous versions stores its Zephyr password in plain text on the Jenkins master file system.
Jenkins Zephyr Enterprise Test Management
383
VMScore
CVE-2019-1003084
A cross-site request forgery vulnerability in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows malicious users to initiate a connection to an attacker-specified server.
Jenkins Zephyr Enterprise Test Management
356
VMScore
CVE-2019-1003085
A missing permission check in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.
Jenkins Zephyr Enterprise Test Management
187
VMScore
CVE-2020-2154
Jenkins Zephyr for JIRA Test Management Plugin 1.5 and previous versions stores its credentials in plain text in a global configuration file on the Jenkins master file system.
Jenkins Zephyr For Jira Test Management
383
VMScore
CVE-2020-2215
A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and previous versions allows malicious users to connect to an attacker-specified HTTP server using attacker-specified username and password.
Jenkins Zephyr For Jira Test Management
356
VMScore
CVE-2020-2216
A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified username and password.
Jenkins Zephyr For Jira Test Management
NA
CVE-2023-4261
HNS-2023-03 - HN Security Advisory - Multiple vulnerabilities in Zephyr RTOS
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10