Vulnerabilities > Zephyrproject > Zephyr > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-25 | CVE-2022-3806 | Double Free vulnerability in Zephyrproject Zephyr Inconsistent handling of error cases in bluetooth hci may lead to a double free condition of a network buffer. | 9.8 |
| 2022-12-09 | CVE-2022-2993 | Unspecified vulnerability in Zephyrproject Zephyr There is an error in the condition of the last if-statement in the function smp_check_keys. | 9.8 |
| 2021-10-12 | CVE-2021-3323 | Integer Underflow (Wrap or Wraparound) vulnerability in Zephyrproject Zephyr 2.4.0 Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr. | 9.8 |
| 2021-10-05 | CVE-2021-3625 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr Buffer overflow in Zephyr USB DFU DNLOAD. | 9.8 |
| 2021-10-05 | CVE-2021-3319 | NULL Pointer Dereference vulnerability in Zephyrproject Zephyr 2.4.0 DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses. | 9.8 |
| 2021-05-25 | CVE-2020-13601 | Out-of-bounds Read vulnerability in Zephyrproject Zephyr Possible read out of bounds in dns read. | 9.8 |
| 2021-05-25 | CVE-2020-10064 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr Improper Input Frame Validation in ieee802154 Processing. | 9.8 |
| 2020-06-05 | CVE-2020-10062 | Off-by-one Error vulnerability in Zephyrproject Zephyr An off-by-one error in the Zephyr project MQTT packet length decoder can result in memory corruption and possible remote code execution. | 9.8 |
| 2020-06-05 | CVE-2020-10070 | Classic Buffer Overflow vulnerability in Zephyrproject Zephyr In the Zephyr Project MQTT code, improper bounds checking can result in memory corruption and possibly remote code execution. | 9.8 |
| 2020-06-05 | CVE-2020-10071 | Classic Buffer Overflow vulnerability in Zephyrproject Zephyr The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. | 9.8 |