Vulnerabilities > Zephyrproject > Zephyr > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-12 | CVE-2023-4265 | Classic Buffer Overflow vulnerability in Zephyrproject Zephyr Potential buffer overflow vulnerabilities in the following locations: https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis... | 6.8 |
| 2023-02-26 | CVE-2021-3329 | Improper Initialization vulnerability in Zephyrproject Zephyr 2.4.0 Lack of proper validation in HCI Host stack initialization can cause a crash of the bluetooth stack | 6.5 |
| 2023-01-25 | CVE-2023-0396 | Out-of-bounds Read vulnerability in Zephyrproject Zephyr A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses. | 6.8 |
| 2023-01-19 | CVE-2023-0397 | Improper Initialization vulnerability in Zephyrproject Zephyr A malicious / defect bluetooth controller can cause a Denial of Service due to unchecked input in le_read_buffer_size_complete. | 6.5 |
| 2023-01-11 | CVE-2022-0553 | Cleartext Transmission of Sensitive Information vulnerability in Zephyrproject Zephyr There is no check to see if slot 0 is being uploaded from the device to the host. | 4.6 |
| 2022-08-31 | CVE-2022-1841 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr In subsys/net/ip/tcp.c , function tcp_flags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero. | 5.3 |
| 2022-02-07 | CVE-2021-3861 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr 2.6.0/2.6.1 The RNDIS USB device class includes a buffer overflow vulnerability. | 6.8 |
| 2021-10-12 | CVE-2021-3322 | NULL Pointer Dereference vulnerability in Zephyrproject Zephyr 2.4.0 Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr. | 6.5 |
| 2021-10-05 | CVE-2021-3436 | Unspecified vulnerability in Zephyrproject Zephyr 1.14.2/2.4.0/2.5.0 BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known. | 6.5 |
| 2021-05-25 | CVE-2020-10066 | NULL Pointer Dereference vulnerability in Zephyrproject Zephyr Incorrect Error Handling in Bluetooth HCI core. | 5.7 |