Vulnerabilities > Zephyrproject > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-28 | CVE-2021-3430 | Reachable Assertion vulnerability in Zephyrproject Zephyr Assertion reachable with repeated LL_CONNECTION_PARAM_REQ. | 7.5 |
| 2022-06-28 | CVE-2021-3431 | Reachable Assertion vulnerability in Zephyrproject Zephyr 2.5.0/2.5.1 Assertion reachable with repeated LL_FEATURE_REQ. | 7.5 |
| 2022-06-28 | CVE-2021-3432 | Divide By Zero vulnerability in Zephyrproject Zephyr Invalid interval in CONNECT_IND leads to Division by Zero. | 7.5 |
| 2022-06-28 | CVE-2021-3434 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr 2.5.0/2.5.1 Stack based buffer overflow in le_ecred_conn_req(). | 7.8 |
| 2022-02-07 | CVE-2021-3835 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr 2.6.0/2.6.1/3.0.0 Buffer overflow in usb device class. | 8.8 |
| 2021-10-19 | CVE-2021-3454 | Reachable Assertion vulnerability in Zephyrproject Zephyr 2.4.0/2.5.0/2.5.1 Truncated L2CAP K-frame causes assertion failure. | 7.5 |
| 2021-10-19 | CVE-2021-3455 | Use After Free vulnerability in Zephyrproject Zephyr 2.4.0/2.5.0/2.5.1 Disconnecting L2CAP channel right after invalid ATT request leads freeze. | 7.5 |
| 2021-10-12 | CVE-2021-3321 | Integer Underflow (Wrap or Wraparound) vulnerability in Zephyrproject Zephyr 2.4.0 Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header Removal. | 8.8 |
| 2021-10-12 | CVE-2021-3330 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr 2.4.0 RCE/DOS: Linked-list corruption leading to large out-of-bounds write while sorting for forged fragment list in Zephyr. | 8.8 |
| 2021-10-05 | CVE-2021-3510 | Unspecified vulnerability in Zephyrproject Zephyr Zephyr JSON decoder incorrectly decodes array of array. | 7.5 |