Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Zephyr
(Zephyrproject)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 105 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-02-25 | CVE-2025-1675 | The function dns_copy_qname in dns_pack.c performs performs a memcpy operation with an untrusted field and does not check if the source buffer is large enough to contain the copied data. | Zephyr | 9.1 | ||
| 2025-02-25 | CVE-2025-1673 | A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash (denial of service) or an incorrect computation. | Zephyr | 8.2 | ||
| 2025-02-25 | CVE-2025-1674 | A lack of input validation allows for out of bounds reads caused by malicious or malformed packets. | Zephyr | 8.2 | ||
| 2023-09-27 | CVE-2023-4260 | Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system. | Zephyr | 10.0 | ||
| 2023-09-27 | CVE-2023-4264 | Potential buffer overflow vulnerabilities n the Zephyr Bluetooth subsystem. | Zephyr | 9.6 |