Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Zephyrproject Subscribe
Total 64 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-14199 1 Zephyrproject 1 Zephyr 2020-05-13 7.5 HIGH 9.8 CRITICAL
A buffer overflow has been found in the Zephyr Project's getaddrinfo() implementation in 1.9.0 and 1.10.0.
CVE-2018-1000800 1 Zephyrproject 1 Zephyr 2020-05-13 7.5 HIGH 9.8 CRITICAL
zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get() that can result in CPU Page Fault (error code 0x00000010). This attack appear to be exploitable via a malicious application call the vulnerable kernel APIs (system sys_ring_buf_get() and sys_ring_buf_put).
CVE-2017-14202 1 Zephyrproject 1 Zephyr 2020-05-13 4.6 MEDIUM 7.8 HIGH
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the shell component of Zephyr allows a serial or telnet connected user to cause a crash, possibly with arbitrary code execution. This issue affects: Zephyr shell versions prior to 1.14.0 on all.
CVE-2017-14201 1 Zephyrproject 1 Zephyr 2020-05-13 4.6 MEDIUM 7.8 HIGH
Use After Free vulnerability in the Zephyr shell allows a serial or telnet connected user to cause denial of service, and possibly remote code execution. This issue affects: Zephyr shell versions prior to 1.14.0 on all.