VYPR
Vendor: Zephyr Project

Products: 1
CVEs: 16
Across products: 16
Status: Private

Recent CVEs (16)
  • CVE-2023-7060 (High), Mar 15, 2024
    risk 0.56, cvss 8.6, epss 0.00

    Zephyr OS IP packet handling does not properly drop IP packets arriving on an external interface with a source address equal to 127.0.0.1 or the destination address.

  • CVE-2025-1675 (High), Feb 25, 2025
    risk 0.53, cvss 8.2, epss 0.00

    The function dns_copy_qname in dns_pack.c performs a memcpy operation with an untrusted field and does not check if the source buffer is large enough to contain the copied data.

  • CVE-2025-1673 (High), Feb 25, 2025
    risk 0.53, cvss 8.2, epss 0.00

    A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash (denial of service) or an incorrect computation.

  • CVE-2024-1638 (High), Feb 19, 2024
    risk 0.53, cvss 8.2, epss 0.00

    The documentation specifies that the BT_GATT_PERM_READ_LESC and BT_GATT_PERM_WRITE_LESC defines for a Bluetooth characteristic: Attribute read/write permission with LE Secure Connection encryption. If set, requires that LE Secure Connections is used for read/write access,…

  • CVE-2023-6249 (High), Feb 18, 2024
    risk 0.52, cvss 8.0, epss 0.00

    Signed to unsigned conversion in esp32_ipm_send

  • CVE-2023-6749 (High), Feb 18, 2024
    risk 0.52, cvss 8.0, epss 0.00

    Unchecked length coming from user input in settings shell

  • CVE-2025-2962 (High), Jun 24, 2025
    risk 0.49, cvss 7.5, epss 0.00

    A denial-of-service issue in the DNS implementation could cause an infinite loop.

  • CVE-2024-8798 (High), Dec 16, 2024
    risk 0.49, cvss 7.5, epss 0.00

    No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.

  • CVE-2024-6259 (High), Sep 13, 2024
    risk 0.49, cvss 7.6, epss 0.01

    BT: HCI: adv_ext_report Improper discarding in adv_ext_report

  • CVE-2024-4785 (High), Aug 19, 2024
    risk 0.49, cvss 7.6, epss 0.00

    BT: Missing Check in LL_CONNECTION_UPDATE_IND Packet Leads to Division by Zero

  • CVE-2023-6881 (High), Feb 29, 2024
    risk 0.47, cvss 7.3, epss 0.00

    Possible buffer overflow in is_mount_point

  • CVE-2024-6444 (Medium), Oct 4, 2024
    risk 0.41, cvss 6.3, epss 0.00

    No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.

  • CVE-2024-6443 (Medium), Oct 4, 2024
    risk 0.41, cvss 6.3, epss 0.01

    In utf8_trunc in zephyr/lib/utils/utf8.c, last_byte_p can point to one byte before the string pointer if the string is empty.

  • CVE-2024-6442 (Medium), Oct 4, 2024
    risk 0.41, cvss 6.3, epss 0.00

    In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow.

  • CVE-2023-5779 (Medium), Feb 18, 2024
    risk 0.29, cvss 4.4, epss 0.00

    can: out of bounds in remove_rx_filter function

  • CVE-2020-10070 (Critical), Jun 5, 2020
    risk 0.00, cvss 9.0, epss 0.03

    In the Zephyr Project MQTT code, improper bounds checking can result in memory corruption and possibly remote code execution (NCC-ZEP-031). This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions.