zephyrproject-rtos — Vulnerabilities & Security Advisories 118

Browse all 118 CVE security advisories affecting zephyrproject-rtos. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products zephyrproject-rtos:zephyr
| CVE ID | Title | CWE | CVSS | Severity | Paused |
|---|---|---|---|---|---|
| CVE-2026-5590 | net: ip/tcp: Null pointer dereference can be triggered by a race condition — Zephyr | CWE-476 | 6.4 | Medium | 2026-04-05 |
| CVE-2026-1679 | net: eswifi socket send payload length not bounded — Zephyr | CWE-120 | 7.3 | High | 2026-03-27 |
| CVE-2026-4179 | stm32: usb: Infinite while loop in Interrupt Handler — Zephyr | CWE-835 | 6.1 | Medium | 2026-03-14 |
| CVE-2026-0849 | crypto: ATAES132A response length allows stack buffer overflow — Zephyr | CWE-120 | 3.8 | Low | 2026-03-14 |
| CVE-2026-1678 | dns: memory-safety issue in the DNS name parser — Zephyr | CWE-787 | 9.4 | Critical | 2026-03-05 |
| CVE-2025-12899 | net: icmp: Out of bound memory read — Zephyr | CWE-843 | 6.5 | Medium | 2026-01-30 |
| CVE-2025-12035 | Bluetooth: Integer Overflow in Bluetooth Classic (BR/EDR) L2CAP — Zephyr | CWE-190 | 6.5 | Medium | 2025-12-15 |
| CVE-2025-9557 | Bluetooth: Mesh: Out-of-Bound Write in gen_prov_cont — Zephyr | CWE-120 | 7.6 | High | 2025-11-26 |
| CVE-2025-9558 | Bluetooth: Mesh: Out-of-Bound Write in gen_prov_start — Zephyr | CWE-120 | 7.6 | High | 2025-11-26 |
| CVE-2025-9408 | Userspace privilege escalation vulnerability on Cortex M — Zephyr | CWE-270 | 8.2 | High | 2025-11-11 |
| CVE-2025-12890 | Bluetooth: peripheral: Invalid handling of malformed connection request — Zephyr | CWE-703 | 6.5 | Medium | 2025-11-07 |
| CVE-2025-10456 | Bluetooth: Semi-Arbitrary ability to make the BLE Target send disconnection requests — Zephyr | CWE-190 | 7.1 | High | 2025-09-19 |
| CVE-2025-10458 | Bluetooth: le_conn_rsp does not sanitize CID, MTU, MPS values — Zephyr | CWE-130 | 7.6 | High | 2025-09-19 |
| CVE-2025-7403 | Bluetooth: bt_conn_tx_processor unsafe handling — Zephyr | CWE-123 | 7.6 | High | 2025-09-19 |
| CVE-2025-10457 | Bluetooth: Out-Of-Context le_conn_rsp Handling — Zephyr | CWE-358 | 4.3 | Medium | 2025-09-19 |
| CVE-2025-2962 | Infinite loop in dns_copy_qname — Zephyr | CWE-835 | 8.2 | High | 2025-06-24 |
| CVE-2025-1675 | Out of bounds read in dns_copy_qname — Zephyr | CWE-125 | 8.2 | High | 2025-02-25 |
| CVE-2025-1674 | Out of bounds read when unpacking DNS answers — Zephyr | CWE-125 | 8.2 | High | 2025-02-25 |
| CVE-2025-1673 | Out of bounds read when calling crc16_ansi and strlen in dns_validate_msg — Zephyr | CWE-125 | 8.2 | High | 2025-02-25 |
| CVE-2024-10395 | net: lib: http_server: Buffer Under-read — Zephyr | CWE-127 | 8.6 | High | 2025-02-03 |
| CVE-2024-8798 | Bluetooth: classic: avdtp: missing buffer length check — Zephyr | CWE-122 | 7.5 | High | 2024-12-15 |
| CVE-2024-11263 | arch: riscv: userspace: potential security risk when CONFIG_RISCV_GP=y — Zephyr | CWE-270 | 9.4 | Critical | 2024-11-15 |
| CVE-2024-6444 | Bluetooth: ots: missing buffer length check — Zephyr | CWE-122 | 6.3 | Medium | 2024-10-04 |
| CVE-2024-6443 | zephyr: out-of-bound read in utf8_trunc — Zephyr | CWE-125 | 6.3 | Medium | 2024-10-04 |
| CVE-2024-6442 | Bluetooth: ASCS Unchecked tailroom of the response buffer — Zephyr | CWE-787 | 6.3 | Medium | 2024-10-04 |
| CVE-2024-6259 | BT: HCI: adv_ext_report Improper discarding in adv_ext_report — Zephyr | CWE-787 | 7.6 | High | 2024-09-13 |
| CVE-2024-6137 | BT: Classic: SDP OOB access in get_att_search_list — Zephyr | CWE-121 | 7.6 | High | 2024-09-13 |
| CVE-2024-6135 | BT:Classic: Multiple missing buf length checks — Zephyr | CWE-122 | 7.6 | High | 2024-09-13 |
| CVE-2024-5931 | BT: Unchecked user input in bap_broadcast_assistant — Zephyr | CWE-1284 | 6.3 | Medium | 2024-09-13 |
| CVE-2024-6258 | BT: Missing length checks of net_buf in rfcomm_handle_data — Zephyr | CWE-122 | 6.8 | Medium | 2024-09-13 |

This page lists every published CVE security advisory associated with zephyrproject-rtos. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.