Vulnerabilities > Zephyrproject

DATE CVE VULNERABILITY TITLE RISK
2021-05-25 CVE-2020-13601 Out-of-bounds Read vulnerability in Zephyrproject Zephyr
Possible read out of bounds in dns read.
network
low complexity
zephyrproject CWE-125
7.5
2021-05-25 CVE-2020-13602 Infinite Loop vulnerability in Zephyrproject Zephyr
Remote Denial of Service in LwM2M do_write_op_tlv.
local
low complexity
zephyrproject CWE-835
2.1
2021-05-25 CVE-2020-13603 Integer Overflow or Wraparound vulnerability in Zephyrproject Zephyr
Integer Overflow in memory allocating functions.
local
low complexity
zephyrproject CWE-190
4.6
2021-05-25 CVE-2021-3320 Type Confusion vulnerability in Zephyrproject Zephyr
Type Confusion in 802154 ACK Frames Handling.
network
low complexity
zephyrproject CWE-843
5.0
2020-06-05 CVE-2020-10071 Classic Buffer Overflow vulnerability in Zephyrproject Zephyr
The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution.
network
low complexity
zephyrproject CWE-120
7.5
2020-06-05 CVE-2020-10070 Classic Buffer Overflow vulnerability in Zephyrproject Zephyr
In the Zephyr Project MQTT code, improper bounds checking can result in memory corruption and possibly remote code execution.
network
low complexity
zephyrproject CWE-120
7.5
2020-06-05 CVE-2020-10068 Improper Input Validation vulnerability in Zephyrproject Zephyr
In the Zephyr project Bluetooth subsystem, certain duplicate and back-to-back packets can cause incorrect behavior, resulting in a denial of service.
low complexity
zephyrproject CWE-20
3.3
2020-06-05 CVE-2020-10063 Integer Overflow or Wraparound vulnerability in Zephyrproject Zephyr
A remote adversary with the ability to send arbitrary CoAP packets to be parsed by Zephyr is able to cause a denial of service.
network
low complexity
zephyrproject CWE-190
5.0
2020-06-05 CVE-2020-10062 Off-by-one Error vulnerability in Zephyrproject Zephyr
An off-by-one error in the Zephyr project MQTT packet length decoder can result in memory corruption and possible remote code execution.
network
low complexity
zephyrproject CWE-193
7.5
2020-06-05 CVE-2020-10061 Out-of-bounds Write vulnerability in Zephyrproject Zephyr
Improper handling of the full-buffer case in the Zephyr Bluetooth implementation can result in memory corruption.
low complexity
zephyrproject CWE-787
5.8