Filtered by vendor Zephyrproject
Subscribe
Total
64 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-14199 | 1 Zephyrproject | 1 Zephyr | 2020-05-13 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow has been found in the Zephyr Project's getaddrinfo() implementation in 1.9.0 and 1.10.0. | |||||
CVE-2018-1000800 | 1 Zephyrproject | 1 Zephyr | 2020-05-13 | 7.5 HIGH | 9.8 CRITICAL |
zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get() that can result in CPU Page Fault (error code 0x00000010). This attack appear to be exploitable via a malicious application call the vulnerable kernel APIs (system sys_ring_buf_get() and sys_ring_buf_put). | |||||
CVE-2017-14202 | 1 Zephyrproject | 1 Zephyr | 2020-05-13 | 4.6 MEDIUM | 7.8 HIGH |
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the shell component of Zephyr allows a serial or telnet connected user to cause a crash, possibly with arbitrary code execution. This issue affects: Zephyr shell versions prior to 1.14.0 on all. | |||||
CVE-2017-14201 | 1 Zephyrproject | 1 Zephyr | 2020-05-13 | 4.6 MEDIUM | 7.8 HIGH |
Use After Free vulnerability in the Zephyr shell allows a serial or telnet connected user to cause denial of service, and possibly remote code execution. This issue affects: Zephyr shell versions prior to 1.14.0 on all. |