Shodan
Vulnerabilities
Vulnerable Software
Zephyrproject:  >> Zephyr  Security Vulnerabilities
CVE-2025-20696
In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09915215; Issue ID: MSV-3801.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-08-04
CVE-2025-1675
The function dns_copy_qname in dns_pack.c performs performs a memcpy operation with an untrusted field and does not check if the source buffer is large enough to contain the copied data.
CVSS Score
8.2
EPSS Score
0.001
Published
2025-02-25
CVE-2025-1674
A lack of input validation allows for out of bounds reads caused by malicious or malformed packets.
CVSS Score
8.2
EPSS Score
0.001
Published
2025-02-25
CVE-2025-1673
A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash (denial of service) or an incorrect computation.
CVSS Score
8.2
EPSS Score
0.002
Published
2025-02-25
CVE-2024-8798
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-12-16
CVE-2024-11263
When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols.
CVSS Score
9.3
EPSS Score
0.0
Published
2024-11-15
CVE-2024-6444
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-10-04
CVE-2024-6443
In utf8_trunc in zephyr/lib/utils/utf8.c, last_byte_p can point to one byte before the string pointer if the string is empty.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-10-04
CVE-2024-6442
In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-10-04
CVE-2024-6259
BT: HCI: adv_ext_report Improper discarding in adv_ext_report
CVSS Score
7.6
EPSS Score
0.001
Published
2024-09-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved