| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
|---|---|---|---|---|---|---|
| CVE-2024-43322 | WordPress Zephyr Project Manager plugin <= 3.3.100 - Insecure Direct Object References (IDOR) vulnerability | Dylan James | Zephyr Project Manager | Medium | 5.4 | 2024-08-18 21:31:11 |
| CVE-2024-7624 | Zephyr Project Manager <= 3.3.101 - Authenticated (Subscriber+) Limited Privilege Escalation | dylanjkotze | Zephyr Project Manager | High | 8.1 | 2024-08-15 02:30:37 |
| CVE-2024-7356 | Zephyr Project Manager <= 3.3.100 - Authenticated (Subscriber+) Stored Cross-Site Scripting via filename Parameter | dylanjkotze | Zephyr Project Manager | Medium | 6.4 | 2024-08-03 09:37:20 |
| CVE-2024-38761 | WordPress Zephyr Project Manager plugin <= 3.3.99 - Sensitive Data Exposure via Export File vulnerability | Dylan James | Zephyr Project Manager | High | 7.5 | 2024-08-01 21:26:54 |
| CVE-2024-6536 | Zephyr Project Manager < 3.3.99 - Editor+ XSS | Unknown | Zephyr Project Manager | - | - | 2024-07-30 06:00:11 |
| CVE-2024-37484 | WordPress Zephyr Project Manager plugin <= 3.3.97 - Privilege Escalation vulnerability | Dylan James | Zephyr Project Manager | High | 8.8 | 2024-07-09 11:47:08 |
| CVE-2024-3332 | bt: host/smp: DoS caused by null pointer dereference | zephyrproject-rtos | Zephyr | Medium | 6.5 | 2024-07-03 16:44:28 |
| CVE-2024-3077 | Bluetooth: integer underflow in gatt_find_info_rsp | zephyrproject-rtos | Zephyr | Medium | 6.8 | 2024-03-29 05:06:18 |
| CVE-2023-7060 | Missing Security Control in Zephyr OS IP Packet Handling | zephyrproject-rtos | Zephyr | High | 8.6 | 2024-03-15 18:12:36 |
| CVE-2023-6881 | fs: fuse: buffer overflow vulnerability in the Zephyr FS | zephyrproject-rtos | Zephyr | High | 7.3 | 2024-02-20 18:25:19 |
| CVE-2024-1638 | Bluetooth characteristic LESC security requirement not enforced without additional flags | zephyrproject-rtos | Zephyr | High | 8.2 | 2024-02-19 21:19:52 |
| CVE-2023-5779 | can: out of bounds in remove_rx_filter function | zephyrproject-rtos | Zephyr | Medium | 4.4 | 2024-02-18 07:46:42 |
| CVE-2023-6249 | ipm: signed to unsigned conversion problem in esp32_ipm_send | zephyrproject-rtos | Zephyr | High | 8.0 | 2024-02-18 07:27:13 |
| CVE-2023-6749 | Unchecked user input length in the Zephyr Settings Shell | zephyrproject-rtos | Zephyr | High | 8.0 | 2024-02-18 07:04:36 |
| CVE-2023-31237 | WordPress Zephyr Project Manager Plugin <= 3.3.9 is vulnerable to Open Redirection | Dylan James | Zephyr Project Manager | Medium | 4.7 | 2023-12-29 09:56:51 |
| CVE-2023-5055 | L2CAP: Possible Stack based buffer overflow in le_ecred_reconf_req() | zephyrproject-rtos | Zephyr | High | 8.3 | 2023-11-21 18:05:11 |
| CVE-2023-4424 | bt: hci: DoS and possible RCE | zephyrproject-rtos | Zephyr | High | 8.3 | 2023-11-21 06:42:45 |
| CVE-2023-5139 | Potential buffer overflow vulnerability in the Zephyr STM32 Crypto driver | zephyrproject-rtos | Zephyr | Medium | 4.4 | 2023-10-26 04:40:37 |
| CVE-2023-5753 | Potential buffer overflow vulnerabilities in the Zephyr Bluetooth subsystem | zephyrproject-rtos | Zephyr | Medium | 6.3 | 2023-10-24 16:09:04 |
| CVE-2023-4257 | Unchecked user input length in the Zephyr WiFi shell module | zephyrproject-rtos | Zephyr | High | 7.6 | 2023-10-13 21:09:52 |