Zephyr — Vulnerabilities & Security Advisories 118

All 118 CVE vulnerabilities found in Zephyr, with AI-generated Chinese analysis, references, and POCs.

Vendor: zephyrproject-rtos

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2020-13603 | Integer Overflow in memory allocating functions | CWE-190 | 6.9 | Medium | 2021-05-24 |
| CVE-2020-13601 | Possible read out of bounds in dns read | CWE-125 | 9.0 | Critical | 2021-05-24 |
| CVE-2020-13602 | Remote Denial of Service in LwM2M do_write_op_tlv | CWE-20 | 4.0 | Medium | 2021-05-24 |
| CVE-2020-13600 | Malformed SPI in response for eswifi can corrupt kernel memory | CWE-122 | 7.0 | High | 2021-05-24 |
| CVE-2020-13598 | FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat | CWE-121 | 6.3 | Medium | 2021-05-24 |
| CVE-2020-13599 | Security problem with settings and littlefs | CWE-276 | 3.3 | Low | 2021-05-24 |
| CVE-2020-10072 | Improper Handling of Insufficient Permissions or Privileges in zephyr | CWE-280 | 5.9 | Medium | 2021-05-24 |
| CVE-2020-10066 | Incorrect Error Handling in Bluetooth HCI core | CWE-476 | 2.5 | Low | 2021-05-24 |
| CVE-2020-10069 | Zephyr Bluetooth unchecked packet data results in denial of service | CWE-233 | 4.3 | Medium | 2021-05-24 |
| CVE-2020-10065 | Missing Size Checks in Bluetooth HCI over SPI | CWE-130 | 3.8 | Low | 2021-05-24 |
| CVE-2020-10064 | Improper Input Frame Validation in ieee802154 Processing | CWE-121 | 8.3 | High | 2021-05-24 |
| CVE-2020-10071 | Insufficient publish message length validation in MQTT | CWE-120 | 9.0 | Critical | 2020-06-05 |
| CVE-2020-10061 | Error handling invalid packet sequence | CWE-119 | 8.1 | High | 2020-06-05 |
| CVE-2020-10062 | Packet length decoding error in MQTT | CWE-193 | 9.0 | Critical | 2020-06-05 |
| CVE-2020-10063 | Remote Denial of Service in CoAP Option Parsing Due To Integer Overflow | CWE-190 | 6.8 | Medium | 2020-06-05 |
| CVE-2020-10068 | Zephyr Bluetooth DLE duplicate requests vulnerability | CWE-20 | 5.1 | Medium | 2020-06-05 |
| CVE-2020-10070 | MQTT buffer overflow on receive buffer | CWE-120 | 9.0 | Critical | 2020-06-05 |
| CVE-2020-10060 | UpdateHub Might Dereference An Uninitialized Pointer | CWE-119 | 8.0 | High | 2020-05-11 |
| CVE-2020-10067 | Integer Overflow In is_in_region Allows User Thread To Access Kernel Memory | CWE-190 | 7.5 | High | 2020-05-11 |
| CVE-2020-10058 | Multiple Syscalls In kscan Subsystem Performs No Argument Validation | CWE-20 | 7.8 | High | 2020-05-11 |
| CVE-2020-10059 | UpdateHub Module Explicitly Disables TLS Verification | CWE-295 | 4.8 | Medium | 2020-05-11 |
| CVE-2020-10027 | ARC Platform Uses Signed Integer Comparison When Validating Syscall Numbers | CWE-697 | 7.8 | High | 2020-05-11 |
| CVE-2020-10028 | Multiple Syscalls In GPIO Subsystem Performs No Argument Validation | CWE-20 | 7.8 | High | 2020-05-11 |
| CVE-2020-10024 | ARM Platform Uses Signed Integer Comparison When Validating Syscall Numbers | CWE-697 | 7.8 | High | 2020-05-11 |
| CVE-2020-10023 | Shell Subsystem Contains a Buffer Overflow Vulnerability In shell_spaces_trim | CWE-120 | 6.9 | Medium | 2020-05-11 |
| CVE-2020-10021 | Out-of-bounds write in USB Mass Storage with unaligned sizes | CWE-787 | 8.1 | High | 2020-05-11 |
| CVE-2020-10022 | UpdateHub Module Copies a Variable-Size Hash String Into a Fixed-Size Array | CWE-120 | 9.0 | Critical | 2020-05-11 |
| CVE-2020-10019 | Buffer Overflow in USB DFU requested length | CWE-120 | 8.1 | High | 2020-05-11 |
