zephyrproject-rtos — Vulnerabilities & Security Advisories 118

Browse all 118 CVE security advisories affecting zephyrproject-rtos. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by zephyrproject-rtos: zephyr
| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2022-3806 | Bluetooth HCI Error Handling Double Free — zephyr | CWE-415 | 9.8 | - | 2023-01-19 |
| CVE-2023-0396 | Buffer Overreads in Bluetooth HCI — zephyr | CWE-126 | 8.8 | - | 2023-01-19 |
| CVE-2023-0397 | DoS: Invalid Initialization in le_read_buffer_size_complete — zephyr | CWE-703 | 9.6 | Critical | 2023-01-19 |
| CVE-2021-3966 | Usb bluetooth device ACL read cb buffer overflow — zephyr | CWE-122 | 9.6 | Critical | 2023-01-11 |
| CVE-2022-0553 | Possible to retrieve uncrypted firmware image — zephyr | CWE-200 | 6.5 | Medium | 2023-01-11 |
| CVE-2022-2993 | bt: host: Wrong key validation check — zephyr | | 8.6 | High | 2022-12-12 |
| CVE-2022-2741 | can: denial-of-service can be triggered by a crafted CAN frame — zephyr | CWE-400 | 8.2 | High | 2022-10-31 |
| CVE-2022-1841 | Out-of-bound write in tcp_flags — zephyr | CWE-787 | 7.2 | High | 2022-08-31 |
| CVE-2022-1042 | Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning — zephyr | CWE-787 | 8.2 | High | 2022-07-26 |
| CVE-2022-1041 | Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning — zephyr | CWE-787 | 8.2 | High | 2022-07-26 |
| CVE-2021-3435 | L2CAP: Information leakage in le_ecred_conn_req() — zephyr | CWE-908 | 4.0 | Medium | 2022-06-28 |
| CVE-2021-3434 | L2CAP: Stack based buffer overflow in le_ecred_conn_req() — zephyr | CWE-121 | 4.9 | Medium | 2022-06-28 |
| CVE-2021-3433 | BT: Invalid channel map in CONNECT_IND results to Deadlock — zephyr | CWE-703 | 4.0 | Medium | 2022-06-28 |
| CVE-2021-3432 | BT: Invalid interval in CONNECT_IND leads to Division by Zero — zephyr | CWE-369 | 4.3 | Medium | 2022-06-28 |
| CVE-2021-3431 | BT: Assertion failure on repeated LL_FEATURE_REQ — zephyr | CWE-617 | 4.3 | Medium | 2022-06-28 |
| CVE-2021-3430 | BT: Assertion failure on repeated LL_CONNECTION_PARAM_REQ — zephyr | CWE-617 | 6.5 | Medium | 2022-06-28 |
| CVE-2021-3861 | The RNDIS USB device class includes a buffer overflow vulnerability — zephyr | CWE-122 | 8.2 | High | 2022-02-07 |
| CVE-2021-3835 | Buffer overflow in usb device class — zephyr | CWE-122 | 8.2 | High | 2022-02-07 |
| CVE-2021-3454 | Truncated L2CAP K-frame causes assertion failure — zephyr | CWE-130 | 4.3 | Medium | 2021-10-19 |
| CVE-2021-3455 | Disconnecting L2CAP channel right after invalid ATT request leads freeze — zephyr | CWE-416 | 4.3 | Medium | 2021-10-19 |
| CVE-2021-3330 | RCE/DOS: Linked-list corruption leading to large out-of-bounds write while sorting for forged fragment list in Zephyr — zephyr | CWE-787 | 7.1 | High | 2021-10-12 |
| CVE-2021-3323 | Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr — zephyr | CWE-191 | 8.3 | High | 2021-10-12 |
| CVE-2021-3322 | Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr — zephyr | CWE-476 | 6.5 | Medium | 2021-10-12 |
| CVE-2021-3321 | Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header Removal — zephyr | CWE-680 | 7.5 | High | 2021-10-12 |
| CVE-2021-3625 | Buffer overflow in Zephyr USB DFU DNLOAD — zephyr | CWE-122 | 9.6 | Critical | 2021-10-05 |
| CVE-2021-3581 | Buffer Access with Incorrect Length Value in zephyr — zephyr | CWE-805 | 7.0 | High | 2021-10-05 |
| CVE-2021-3510 | Zephyr JSON decoder incorrectly decodes array of array — zephyr | CWE-588 | 7.5 | High | 2021-10-05 |
| CVE-2021-3436 | BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known — zephyr | CWE-694 | 4.3 | Medium | 2021-10-05 |
| CVE-2021-3319 | DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses — zephyr | CWE-476 | 6.5 | Medium | 2021-10-05 |
| CVE-2021-3320 | Type Confusion in 802154 ACK Frames Handling — zephyr | CWE-476 | 5.9 | Medium | 2021-05-24 |

This page lists every published CVE security advisory associated with zephyrproject-rtos. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.