684 matches found
Zephyr 安全漏洞
Zephyr is an open-source, scalable real-time operating system RTOS developed by Zephyr. There is a security vulnerability in Zephyr, which stems from memory corruption in the WebSocket upgrade path of the HTTP server. This vulnerability could allow remote, unauthenticated attackers to trigger...
Zephyr 安全漏洞
Zephyr is an open-source, scalable real-time operating system RTOS developed by Zephyr. There is a security vulnerability in Zephyr, which stems from the use of NETASSERT for verifying buffer length only in the zcansendtoctx function. Disabling this feature in production builds may lead to...
Exploit for Use of Externally-Controlled Format String in Ghs Integrity_Rtos
🛡️ CVE-2019-7711: Green Hills INTEGRITY RTOS Information Lea...
CVE-2026-7425
Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service device crash by sending a crafted Router Advertisement with a truncated PREFIXINFORMATION option that is smalle...
CVE-2026-0648
The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...
CVE-2021-27502
Texas Instruments TI-RTOS, when configured to use HeapMem heapdefault, malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMemallocUnprotected' and result in code execution...
CVE-2025-48768
Release of Invalid Pointer or Reference vulnerability was discovered in fs/inode/fsinoderemove code of the Apache NuttX RTOS that allowed root filesystem inode removal leading to a debug assert trigger that is disabled by default, NULL pointer dereference handled differently depending on the targ...
CVE-2025-48769
Use After Free vulnerability was discovered in fs/vfs/fsrename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...
EUVD-2026-0010
Use After Free vulnerability was discovered in fs/vfs/fsrename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...
CVE-2025-48768 Apache NuttX RTOS: fs/inode: fs_inoderemove root inode removal
Release of Invalid Pointer or Reference vulnerability was discovered in fs/inode/fsinoderemove code of the Apache NuttX RTOS that allowed root filesystem inode removal leading to a debug assert trigger that is disabled by default, NULL pointer dereference handled differently depending on the targ...
PT-2025-54473
Name of the Vulnerable Software and Affected Versions Apache NuttX RTOS versions 10.0.0 through 12.9.9 Description A flaw exists in the fs/inode/fs inoderemove code of the Apache NuttX RTOS that allows root filesystem inode removal. This can lead to a debug assert trigger disabled by default, a...
Zephyr 安全漏洞
Zephyr is an extensible real-time operating system RTOS open-sourced by Zephyr. A security vulnerability exists in Zephyr that stems from an integer overflow in the btbraclrecv routine, which could lead to problems when processing BR/EDR L2CAP traffic...
Eclipse ThreadX RTOS 安全漏洞
Eclipse ThreadX RTOS is an advanced real-time operating system RTOS from Eclipse ThreadX designed for deeply embedded applications. A security vulnerability exists in Eclipse ThreadX RTOS versions prior to 6.4.3 that stems from not properly checking the maximum priority setting of the thread...
CVE-2025-11616
A missing validation check in FreeRTOS-Plus-TCP's ICMPv6 packet processing code can lead to an out-of-bounds read when receiving ICMPv6 packets of certain message types which are smaller than the expected size. These issues only affect applications using IPv6. Users should upgrade to the latest...
CVE-2025-11617
CVE-2025-11617 describes a missing validation check in FreeRTOS-Plus-TCP’s IPv6 packet processing that can cause an out-of-bounds read when handling IPv6 packets with incorrect payload lengths. Affected component is the IPv6 processing path in FreeRTOS-Plus-TCP; issue is limited to IPv6-enabled a...
EUVD-2021-14171
Malware in sbrugna...
EUVD-2014-2570
Malware in sbrugna...
EUVD-2018-2004
Malware in sbrugna...
EUVD-2021-14183
Malware in sbrugna...
EUVD-2002-1962
Malware in sbrugna...