CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-13601 – Possible read out of bounds in dns read
https://notcve.org/view.php?id=CVE-2020-13601
Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds Read (CWE-125). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mm57-9hqw-qh44 Una posible Lectura Fuera de Límites en una lectura de dns. Zephyr versiones posteriores a 1.14.2 incluyéndola, versiones posteriores a 2.3.0 incluyéndola, contienen una Lectura Fuera de Límites (CWE-125). Para mayor información, consulte https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mm57-9hqw-qh44 • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mm57-9hqw-qh44 • CWE-125: Out-of-bounds Read •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2020-13600 – Malformed SPI in response for eswifi can corrupt kernel memory
https://notcve.org/view.php?id=CVE-2020-13600
Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions >= 1.14.2, >= 2.3.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr Un SPI malformado en respuesta a eswifi puede corromper la memoria del kernel. Zephyr versiones posteriores a 1.14.2 incluyéndola, versiones posteriores a 2.3.0 incluyéndola, contienen un Desbordamiento del Búfer en la región Heap de la memoria (CWE-122). Para mayor información, consulte https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-13599 – Security problem with settings and littlefs
https://notcve.org/view.php?id=CVE-2020-13599
Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (CWE-276). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q Un problema de seguridad con la configuración y littlefs. Zephyr versiones posteriores a 1.14.2 incluyéndola, versiones posteriores a 2.3.0 incluyéndola, contienen Permisos Predeterminados Incorrectos (CWE-276). Para mayor información, consulte https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1199 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-13598 – FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat
https://notcve.org/view.php?id=CVE-2020-13598
FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat. Zephyr versions >= v1.14.2, >= v2.3.0 contain Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7fhv-rgxr-x56h FS: Desbordamiento del búfer al habilitar Nombres de Archivo Largos en FAT_FS y llamar a fs_stat. Zephyr versiones posteriores a v1.14.2 incluyéndola, versiones posteriores a v2.3.0 incluyéndola, contienen un Desbordamiento del Búfer en la región Stack de la memoria (CWE-121). Para mayor información, consulte https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7fhv-rgxr-x56h • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7fhv-rgxr-x56h • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10072 – Improper Handling of Insufficient Permissions or Privileges in zephyr
https://notcve.org/view.php?id=CVE-2020-10072
Improper Handling of Insufficient Permissions or Privileges in zephyr. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Insufficient Permissions or Privileges (CWE-280). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-vf79-hqwm-w4xc Un manejo Inapropiado de Permisos o Privilegios Insuficientes en zephyr. Zephyr versiones posteriores a v1.14.2 incluyéndola, versiones posteriores a v2.2.0 incluyéndola contienen un Manejo Inapropiado de Permisos o Privilegios insuficientes (CWE-280). Para mayor información, consulte https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-vf79-hqwm-w4xc • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-vf79-hqwm-w4xc • CWE-280: Improper Handling of Insufficient Permissions or Privileges •