Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zephyr vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-22892
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise up to and including 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.
Smartbear Zephyr Enterprise
6.5
CVSSv3
CVE-2021-3329
Lack of proper validation in HCI Host stack initialization can cause a crash of the bluetooth stack
Zephyrproject Zephyr 2.4.0
9.8
CVSSv3
CVE-2018-1000800
zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get() that can result in CPU Page Fault (error code 0x00000010). This attack appear to be exploitable via a malicious application call the vulnerable kernel APIs (s...
Zephyrproject Zephyr 1.12.0
5.5
CVSSv3
CVE-2020-2145
Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and previous versions stores its Zephyr password in plain text on the Jenkins master file system.
Jenkins Zephyr Enterprise Test Management
6.5
CVSSv3
CVE-2019-1003084
A cross-site request forgery vulnerability in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows malicious users to initiate a connection to an attacker-specified server.
Jenkins Zephyr Enterprise Test Management
6.5
CVSSv3
CVE-2019-1003085
A missing permission check in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.
Jenkins Zephyr Enterprise Test Management
5.5
CVSSv3
CVE-2020-2154
Jenkins Zephyr for JIRA Test Management Plugin 1.5 and previous versions stores its credentials in plain text in a global configuration file on the Jenkins master file system.
Jenkins Zephyr For Jira Test Management
4.3
CVSSv3
CVE-2020-2215
A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and previous versions allows malicious users to connect to an attacker-specified HTTP server using attacker-specified username and password.
Jenkins Zephyr For Jira Test Management
4.3
CVSSv3
CVE-2020-2216
A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified username and password.
Jenkins Zephyr For Jira Test Management
NA
CVE-2023-4261
HNS-2023-03 - HN Security Advisory - Multiple vulnerabilities in Zephyr RTOS
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10