Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zephyrproject vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-3510
Zephyr JSON decoder incorrectly decodes array of array. Zephyr versions >= >1.14.0, >= >2.5.0 contain Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-289f-7mw...
Zephyrproject Zephyr 1.14.0
Zephyrproject Zephyr 1.14.1
Zephyrproject Zephyr 1.14.2
Zephyrproject Zephyr 1.14.3
Zephyrproject Zephyr 2.5.0
Zephyrproject Zephyr 2.5.1
Zephyrproject Zephyr 2.6.0
Zephyrproject Zephyr 2.6.1
570
VMScore
CVE-2021-3436
BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known. Zephyr versions >= 1.14.2, >= 2.4.0, >= 2.5.0 contain Use of Multiple Resources with Duplicate Identifier (CWE-694). For more information, see https:...
Zephyrproject Zephyr 1.14.2
Zephyrproject Zephyr 2.4.0
Zephyrproject Zephyr 2.5.0
516
VMScore
CVE-2021-3835
Buffer overflow in usb device class. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fm6v-8625-99jf
Zephyrproject Zephyr
Zephyrproject Zephyr 3.0.0
668
VMScore
CVE-2020-10022
A malformed JSON payload that is received from an UpdateHub server may trigger memory corruption in the Zephyr OS. This could result in a denial of service in the best case, or code execution in the worst case. See NCC-NCC-016 This issue affects: zephyrproject-rtos zephyr version...
Zephyrproject Zephyr 2.1.0
Zephyrproject Zephyr 2.2.0
409
VMScore
CVE-2020-10023
The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to cause a memory corruption, resulting in denial of service or possibly code execution within the Zephyr kernel. See NCC-NCC-019 This issue affects: zephyrproject-rtos...
Zephyrproject Zephyr 1.14.1
Zephyrproject Zephyr 2.1.0
641
VMScore
CVE-2020-10024
The arm platform-specific code uses a signed integer comparison when validating system call numbers. An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr...
Zephyrproject Zephyr 1.14.2
Zephyrproject Zephyr 2.1.0
641
VMScore
CVE-2020-10027
An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.
Zephyrproject Zephyr 1.14.0
Zephyrproject Zephyr 2.1.0
409
VMScore
CVE-2020-10028
Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.
Zephyrproject Zephyr 1.14.0
Zephyrproject Zephyr 2.1.0
516
VMScore
CVE-2020-10059
The UpdateHub module disables DTLS peer checking, which allows for a man in the middle attack. This is mitigated by firmware images requiring valid signatures. However, there is no benefit to using DTLS without the peer checking. See NCC-ZEP-018 This issue affects: zephyrproject-...
Zephyrproject Zephyr 2.1.0
Zephyrproject Zephyr 2.2.0
641
VMScore
CVE-2020-10067
A malicious userspace application can cause a integer overflow and bypass security checks performed by system call handlers. The impact would depend on the underlying system call and can range from denial of service to information leak to memory corruption resulting in code execu...
Zephyrproject Zephyr 1.14.1
Zephyrproject Zephyr 2.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »