Vulnerabilities > Zephyrproject > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-05 | CVE-2021-3581 | Improper Validation of Specified Quantity in Input vulnerability in Zephyrproject Zephyr 2.5.0/2.5.1 Buffer Access with Incorrect Length Value in zephyr. | 8.8 |
| 2021-05-25 | CVE-2020-10065 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr Missing Size Checks in Bluetooth HCI over SPI. | 8.8 |
| 2021-05-25 | CVE-2020-13598 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat. | 7.8 |
| 2021-05-25 | CVE-2020-13600 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr Malformed SPI in response for eswifi can corrupt kernel memory. | 7.6 |
| 2021-05-25 | CVE-2020-13603 | Integer Overflow or Wraparound vulnerability in Zephyrproject Zephyr Integer Overflow in memory allocating functions. | 7.8 |
| 2021-05-25 | CVE-2021-3320 | Type Confusion vulnerability in Zephyrproject Zephyr Type Confusion in 802154 ACK Frames Handling. | 7.5 |
| 2020-06-05 | CVE-2020-10063 | Integer Overflow or Wraparound vulnerability in Zephyrproject Zephyr A remote adversary with the ability to send arbitrary CoAP packets to be parsed by Zephyr is able to cause a denial of service. | 7.5 |
| 2020-06-05 | CVE-2020-10061 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr Improper handling of the full-buffer case in the Zephyr Bluetooth implementation can result in memory corruption. | 8.8 |
| 2020-05-11 | CVE-2020-10067 | Integer Overflow or Wraparound vulnerability in Zephyrproject Zephyr 1.14.1/2.1.0 A malicious userspace application can cause a integer overflow and bypass security checks performed by system call handlers. | 7.8 |
| 2020-05-11 | CVE-2020-10058 | Improper Input Validation vulnerability in Zephyrproject Zephyr 2.1.0 Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. | 7.8 |