| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-39552 | WordPress Zephyr Project Manager plugin <= 3.3.200 - Broken Access Control Vulnerability | Dylan James | Zephyr Project Manager | Medium | 5.4 | 2025-04-16 12:44:36 | Deep Dive |
| CVE-2025-1675 | Out of bounds read in dns_copy_qname | zephyrproject-rtos | Zephyr | High | 8.2 | 2025-02-25 07:22:36 | Deep Dive |
| CVE-2025-1674 | Out of bounds read when unpacking DNS answers | zephyrproject-rtos | Zephyr | High | 8.2 | 2025-02-25 07:18:52 | Deep Dive |
| CVE-2025-1673 | Out of bounds read when calling crc16_ansi and strlen in dns_validate_msg | zephyrproject-rtos | Zephyr | High | 8.2 | 2025-02-25 07:12:13 | Deep Dive |
| CVE-2024-10395 | net: lib: http_server: Buffer Under-read | zephyrproject-rtos | Zephyr | High | 8.6 | 2025-02-03 06:59:22 | Deep Dive |
| CVE-2025-22814 | WordPress Zephyr Admin Theme Plugin <= 1.4.1 - CSRF to Stored XSS vulnerability | Dylan James | Zephyr Admin Theme | High | 7.1 | 2025-01-09 15:39:04 | Deep Dive |
| CVE-2024-8798 | Bluetooth: classic: avdtp: missing buffer length check | zephyrproject-rtos | Zephyr | High | 7.5 | 2024-12-15 23:23:31 | Deep Dive |
| CVE-2024-11263 | arch: riscv: userspace: potential security risk when CONFIG_RISCV_GP=y | zephyrproject-rtos | Zephyr | Critical | 9.3 | 2024-11-15 22:53:59 | Deep Dive |
| CVE-2024-6444 | Bluetooth: ots: missing buffer length check | zephyrproject-rtos | Zephyr | Medium | 6.3 | 2024-10-04 06:14:26 | Deep Dive |
| CVE-2024-6443 | zephyr: out-of-bound read in utf8_trunc | zephyrproject-rtos | Zephyr | Medium | 6.3 | 2024-10-04 05:56:30 | Deep Dive |
| CVE-2024-6442 | Bluetooth: ASCS Unchecked tailroom of the response buffer | zephyrproject-rtos | Zephyr | Medium | 6.3 | 2024-10-04 05:36:10 | Deep Dive |
| CVE-2024-6259 | BT: HCI: adv_ext_report Improper discarding in adv_ext_report | zephyrproject-rtos | Zephyr | High | 7.6 | 2024-09-13 20:17:59 | Deep Dive |
| CVE-2024-6137 | BT: Classic: SDP OOB access in get_att_search_list | zephyrproject-rtos | Zephyr | High | 7.6 | 2024-09-13 20:06:45 | Deep Dive |
| CVE-2024-6135 | BT:Classic: Multiple missing buf length checks | zephyrproject-rtos | Zephyr | High | 7.6 | 2024-09-13 19:51:32 | Deep Dive |
| CVE-2024-5931 | BT: Unchecked user input in bap_broadcast_assistant | zephyrproject-rtos | Zephyr | Medium | 6.3 | 2024-09-13 19:41:58 | Deep Dive |
| CVE-2024-6258 | BT: Missing length checks of net_buf in rfcomm_handle_data | zephyrproject-rtos | Zephyr | Medium | 6.8 | 2024-09-13 19:05:54 | Deep Dive |
| CVE-2024-5754 | BT: Encryption procedure host vulnerability | zephyrproject-rtos | Zephyr | High | 8.2 | 2024-09-13 18:50:05 | Deep Dive |
| CVE-2024-43915 | WordPress Zephyr Project Manager plugin <=3.3.102 - Cross Site Scripting (XSS) vulnerability | Dylan James | Zephyr Project Manager | Medium | 5.5 | 2024-08-26 20:31:28 | Deep Dive |
| CVE-2024-43916 | WordPress Zephyr Project Manager plugin <= 3.3.102 - Insecure Direct Object References (IDOR) vulnerability | Dylan James | Zephyr Project Manager | Medium | 4.3 | 2024-08-26 20:23:11 | Deep Dive |
| CVE-2024-4785 | BT: Missing Check in LL_CONNECTION_UPDATE_IND Packet Leads to Division by Zero | zephyrproject-rtos | Zephyr | High | 7.6 | 2024-08-19 22:10:05 | Deep Dive |