zephyr — Vulnerabilities & Security Advisories 118

All 118 CVE vulnerabilities found in zephyr, with AI-generated Chinese analysis, references, and POCs.

Vendor: zephyrproject-rtos

| CVE ID | Title | CWE | CVSS | Severity | Date |
|---|---|---|---|---|---|
| CVE-2022-3806 | Bluetooth HCI Error Handling Double Free | CWE-415 | 9.8 | - | 2023-01-19 |
| CVE-2023-0396 | Buffer Overreads in Bluetooth HCI | CWE-126 | 8.8 | - | 2023-01-19 |
| CVE-2023-0397 | DoS: Invalid Initialization in le_read_buffer_size_complete | CWE-703 | 9.6 | Critical | 2023-01-19 |
| CVE-2021-3966 | Usb bluetooth device ACL read cb buffer overflow | CWE-122 | 9.6 | Critical | 2023-01-11 |
| CVE-2022-0553 | Possible to retrieve uncrypted firmware image | CWE-200 | 6.5 | Medium | 2023-01-11 |
| CVE-2022-2993 | bt: host: Wrong key validation check | | 8.6 | High | 2022-12-12 |
| CVE-2022-2741 | can: denial-of-service can be triggered by a crafted CAN frame | CWE-400 | 8.2 | High | 2022-10-31 |
| CVE-2022-1841 | Out-of-bound write in tcp_flags | CWE-787 | 7.2 | High | 2022-08-31 |
| CVE-2022-1042 | Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning | CWE-787 | 8.2 | High | 2022-07-26 |
| CVE-2022-1041 | Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning | CWE-787 | 8.2 | High | 2022-07-26 |
| CVE-2021-3435 | L2CAP: Information leakage in le_ecred_conn_req() | CWE-908 | 4.0 | Medium | 2022-06-28 |
| CVE-2021-3434 | L2CAP: Stack based buffer overflow in le_ecred_conn_req() | CWE-121 | 4.9 | Medium | 2022-06-28 |
| CVE-2021-3433 | BT: Invalid channel map in CONNECT_IND results to Deadlock | CWE-703 | 4.0 | Medium | 2022-06-28 |
| CVE-2021-3432 | BT: Invalid interval in CONNECT_IND leads to Division by Zero | CWE-369 | 4.3 | Medium | 2022-06-28 |
| CVE-2021-3431 | BT: Assertion failure on repeated LL_FEATURE_REQ | CWE-617 | 4.3 | Medium | 2022-06-28 |
| CVE-2021-3430 | BT: Assertion failure on repeated LL_CONNECTION_PARAM_REQ | CWE-617 | 6.5 | Medium | 2022-06-28 |
| CVE-2021-3861 | The RNDIS USB device class includes a buffer overflow vulnerability | CWE-122 | 8.2 | High | 2022-02-07 |
| CVE-2021-3835 | Buffer overflow in usb device class | CWE-122 | 8.2 | High | 2022-02-07 |
| CVE-2021-3454 | Truncated L2CAP K-frame causes assertion failure | CWE-130 | 4.3 | Medium | 2021-10-19 |
| CVE-2021-3455 | Disconnecting L2CAP channel right after invalid ATT request leads freeze | CWE-416 | 4.3 | Medium | 2021-10-19 |
| CVE-2021-3330 | RCE/DOS: Linked-list corruption leading to large out-of-bounds write while sorting for forged fragment list in Zephyr | CWE-787 | 7.1 | High | 2021-10-12 |
| CVE-2021-3323 | Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr | CWE-191 | 8.3 | High | 2021-10-12 |
| CVE-2021-3322 | Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr | CWE-476 | 6.5 | Medium | 2021-10-12 |
| CVE-2021-3321 | Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header Removal | CWE-680 | 7.5 | High | 2021-10-12 |
| CVE-2021-3625 | Buffer overflow in Zephyr USB DFU DNLOAD | CWE-122 | 9.6 | Critical | 2021-10-05 |
| CVE-2021-3581 | Buffer Access with Incorrect Length Value in zephyr | CWE-805 | 7.0 | High | 2021-10-05 |
| CVE-2021-3510 | Zephyr JSON decoder incorrectly decodes array of array | CWE-588 | 7.5 | High | 2021-10-05 |
| CVE-2021-3436 | BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known | CWE-694 | 4.3 | Medium | 2021-10-05 |
| CVE-2021-3319 | DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses | CWE-476 | 6.5 | Medium | 2021-10-05 |
| CVE-2021-3320 | Type Confusion in 802154 ACK Frames Handling | CWE-476 | 5.9 | Medium | 2021-05-24 |
