Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Zephyr
(Zephyrproject)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 88 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-07-26 | CVE-2022-1042 | In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. | Zephyr | 8.8 | ||
| 2022-07-26 | CVE-2022-1041 | In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. | Zephyr | 8.8 | ||
| 2022-06-28 | CVE-2021-3430 | Assertion reachable with repeated LL_CONNECTION_PARAM_REQ. Zephyr versions >= v1.14 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr | Zephyr | 7.5 | ||
| 2022-06-28 | CVE-2021-3431 | Assertion reachable with repeated LL_FEATURE_REQ. Zephyr versions >= v2.5.0 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7548-5m6f-mqv9 | Zephyr | 7.5 | ||
| 2022-06-28 | CVE-2021-3432 | Invalid interval in CONNECT_IND leads to Division by Zero. Zephyr versions >= v1.14.0 Divide By Zero (CWE-369). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4 | Zephyr | 7.5 | ||
| 2022-06-28 | CVE-2021-3434 | Stack based buffer overflow in le_ecred_conn_req(). Zephyr versions >= v2.5.0 Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8w87-6rfp-cfrm | Zephyr | 7.8 | ||
| 2022-06-28 | CVE-2021-3435 | Information leakage in le_ecred_conn_req(). Zephyr versions >= v2.4.0 Use of Uninitialized Resource (CWE-908). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xhg3-gvj6-4rqh | Zephyr | 3.3 | ||
| 2021-05-25 | CVE-2020-13598 | FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat. Zephyr versions >= v1.14.2, >= v2.3.0 contain Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7fhv-rgxr-x56h | Zephyr | 7.8 | ||
| 2021-05-25 | CVE-2020-13599 | Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (CWE-276). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q | Zephyr | 3.3 | ||
| 2022-02-07 | CVE-2021-3835 | Buffer overflow in usb device class. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fm6v-8625-99jf | Zephyr | 8.8 |