Page 7 of 70 results (0.009 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

Two potential buffer overflow vulnerabilities at the following locations in the Zephyr eS-WiFi driver source code. Dos posibles vulnerabilidades de desbordamiento del búfer en las siguientes ubicaciones en el código fuente del controlador Zephyr eS-WiFi. • http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html http://seclists.org/fulldisclosure/2023/Nov/1 http://www.openwall.com/lists/oss-security/2023/11/07/1 https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gghm-c696-f4j4 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-193: Off-by-one Error •

CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0

In Bluetooth mesh implementation If provisionee has a public key that is sent OOB then during provisioning it can be sent back and will be accepted by provisionee. En la implementación de Bluetooth mesh, si el "provisionee" tiene una clave pública que se envía OOB, durante el aprovisionamiento se puede devolver y será aceptada por el "provisionee". • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-m34c-cp63-rwh7 • CWE-684: Incorrect Provision of Specified Functionality •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 2

Potential buffer overflow vulnerabilities in the following locations: https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis... https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis.c#L841 • http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html http://seclists.org/fulldisclosure/2023/Nov/1 http://www.openwall.com/lists/oss-security/2023/11/07/1 https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-4vgv-5r6q-r6xh • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0

The bluetooth HCI host layer logic not clearing a global reference to a semaphore after synchronously sending HCI commands may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash (DoS) or potential RCE on the Host layer. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xvvm-8mcm-9cq3 • CWE-672: Operation on a Resource after Expiration or Release CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Union variant confusion allows any malicious BT controller to execute arbitrary code on the Zephyr host. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx9g-8fr2-q899 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •