zephyr — Vulnerabilities & Security Advisories 118

All 118 CVE vulnerabilities found in zephyr, with AI-generated Chinese analysis, references, and POCs.

Vendor: zephyrproject-rtos

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-5754 | BT: Encryption procedure host vulnerability CWE-807 | 8.2 | High | 2024-09-13 |
| CVE-2024-4785 | BT: Missing Check in LL_CONNECTION_UPDATE_IND Packet Leads to Division by Zero CWE-369 | 7.6 | High | 2024-08-19 |
| CVE-2024-3332 | bt: host/smp: DoS caused by null pointer dereference CWE-476 | 6.5 | Medium | 2024-07-03 |
| CVE-2024-3077 | Bluetooth: integer underflow in gatt_find_info_rsp CWE-126 | 6.8 | Medium | 2024-03-29 |
| CVE-2023-7060 | Missing Security Control in Zephyr OS IP Packet Handling | 8.6 | High | 2024-03-15 |
| CVE-2023-6881 | fs: fuse: buffer overflow vulnerability in the Zephyr FS CWE-120 | 7.3 | High | 2024-02-20 |
| CVE-2024-1638 | Bluetooth characteristic LESC security requirement not enforced without additional flags CWE-20 | 8.2 | High | 2024-02-19 |
| CVE-2023-5779 | can: out of bounds in remove_rx_filter function CWE-787 | 4.4 | Medium | 2024-02-18 |
| CVE-2023-6249 | ipm: signed to unsigned conversion problem in esp32_ipm_send CWE-704 | 8.0 | High | 2024-02-18 |
| CVE-2023-6749 | Unchecked user input length in the Zephyr Settings Shell CWE-121 | 8.0 | High | 2024-02-18 |
| CVE-2023-5055 | L2CAP: Possible Stack based buffer overflow in le_ecred_reconf_req() CWE-121 | 8.3 | High | 2023-11-21 |
| CVE-2023-4424 | bt: hci: DoS and possible RCE CWE-190 | 8.3 | High | 2023-11-21 |
| CVE-2023-5139 | Potential buffer overflow vulnerability in the Zephyr STM32 Crypto driver CWE-120 | 4.4 | Medium | 2023-10-26 |
| CVE-2023-5753 | Potential buffer overflow vulnerabilities in the Zephyr Bluetooth subsystem CWE-120 | 6.3 | Medium | 2023-10-24 |
| CVE-2023-4257 | Unchecked user input length in the Zephyr WiFi shell module CWE-120 | 7.6 | High | 2023-10-13 |
| CVE-2023-4263 | Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nRF 15.4 driver CWE-120 | 7.6 | High | 2023-10-13 |
| CVE-2023-5563 | Zephyr security vulnerability CWE-703 | 7.1 | High | 2023-10-12 |
| CVE-2023-3725 | Potential buffer overflow vulnerability in the Zephyr CANbus subsystem CWE-120 | 7.6 | High | 2023-10-06 |
| CVE-2023-5184 | Potential signed to unsigned conversion errors and buffer overflow vulnerabilities in the Zephyr IPM driver CWE-120 | 7.0 | High | 2023-09-27 |
| CVE-2023-4260 | Potential off-by-one buffer overflow vulnerability in the Zephyr FS subsystem CWE-120 | 6.3 | Medium | 2023-09-26 |
| CVE-2023-4264 | Potential buffer overflow vulnerabilities in the Zephyr Bluetooth subsystem CWE-120 | 7.1 | High | 2023-09-26 |
| CVE-2023-4259 | Potential buffer overflow vulnerabilities in the Zephyr eS-WiFi driver CWE-120 | 7.1 | High | 2023-09-25 |
| CVE-2023-4258 | bt: mesh: vulnerability in provisioning protocol implementation on provisionee side CWE-684 | 8.6 | High | 2023-09-25 |
| CVE-2023-4265 | Buffer overflow in Zephyr USB CWE-120 | 6.4 | Medium | 2023-08-12 |
| CVE-2023-1901 | HCI send_sync Dangling Semaphore Reference Re-use | 5.9 | Medium | 2023-07-10 |
| CVE-2023-2234 | BT HCI host union variant confusion CWE-843 | 6.8 | Medium | 2023-07-10 |
| CVE-2023-1902 | HCI Connection Creation Dangling State Reference Re-use | 5.9 | Medium | 2023-07-10 |
| CVE-2023-0359 | ipv6: Missing ipv6 nullptr-check in handle_ra_input CWE-20 | 5.9 | Medium | 2023-07-10 |
| CVE-2023-0779 | net: shell: Improper input validation CWE-20 | 6.7 | Medium | 2023-05-30 |
| CVE-2021-3329 | DOS: Incorrect handling of the initial HCI ACL_MTU handshake packet leads to crash of bluetooth host layer CWE-703 | 9.6 | Critical | 2023-02-26 |

All 118 known CVE vulnerabilities affecting zephyr with full Chinese analysis, references, and POCs where available.