Zephyrproject CVE

Filtered by vendor Zephyrproject Subscribe

Total 91 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-14201	1 Zephyrproject	1 Zephyr	2024-11-21	4.6 MEDIUM	7.8 HIGH
Use After Free vulnerability in the Zephyr shell allows a serial or telnet connected user to cause denial of service, and possibly remote code execution. This issue affects: Zephyr shell versions prior to 1.14.0 on all.
CVE-2017-14199	1 Zephyrproject	1 Zephyr	2024-11-21	7.5 HIGH	9.8 CRITICAL
A buffer overflow has been found in the Zephyr Project's getaddrinfo() implementation in 1.9.0 and 1.10.0.
CVE-2024-6442	1 Zephyrproject	1 Zephyr	2024-11-13	N/A	6.5 MEDIUM
In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow.
CVE-2024-6444	1 Zephyrproject	1 Zephyr	2024-11-13	N/A	6.5 MEDIUM
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.
CVE-2024-6443	1 Zephyrproject	1 Zephyr	2024-11-12	N/A	6.5 MEDIUM
In utf8_trunc in zephyr/lib/utils/utf8.c, last_byte_p can point to one byte before the string pointer if the string is empty.
CVE-2024-5754	1 Zephyrproject	1 Zephyr	2024-09-19	N/A	6.5 MEDIUM
BT: Encryption procedure host vulnerability
CVE-2024-6258	1 Zephyrproject	1 Zephyr	2024-09-19	N/A	6.5 MEDIUM
BT: Missing length checks of net_buf in rfcomm_handle_data
CVE-2024-5931	1 Zephyrproject	1 Zephyr	2024-09-19	N/A	6.5 MEDIUM
BT: Unchecked user input in bap_broadcast_assistant
CVE-2024-6135	1 Zephyrproject	1 Zephyr	2024-09-19	N/A	6.5 MEDIUM
BT:Classic: Multiple missing buf length checks
CVE-2024-6259	1 Zephyrproject	1 Zephyr	2024-09-19	N/A	6.5 MEDIUM
BT: HCI: adv_ext_report Improper discarding in adv_ext_report
CVE-2024-6137	1 Zephyrproject	1 Zephyr	2024-09-19	N/A	6.5 MEDIUM
BT: Classic: SDP OOB access in get_att_search_list

Vulnerabilities (CVE)