41 matches found
MiracleLinux 9 : bluez-5.72-2.el9 (AXSA:2024-9114:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9114:01 advisory. bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution CVE-2023-45866 BlueZ: Audio Profile AVRCP...
EUVD-2023-31125
Malicious code in bioql PyPI...
EUVD-2025-23399
Malicious code in bioql PyPI...
CVE-2025-8475
Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. User interaction is required to exploit this vulnerability in that the target...
CVE-2025-8475
Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. User interaction is required to exploit this vulnerability in that the target...
CVE-2025-8475
The CVE-2025-8475 entry concerns Alpine iLX-507 AVRCP stack-based buffer overflow that enables remote code execution. The affected device is the Alpine iLX-507 multimedia receiver, with impact as described: an attacker on the network adjacent can exploit via the AVRCP protocol to execute code wit...
CVE-2025-8475 Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability
Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. User interaction is required to exploit this vulnerability in that the target...
(0Day) (Pwn2Own) Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the...
Alibaba Cloud Linux 3 : 0059: bluez (ALINUX3-SA-2025:0059)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0059 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-27349: BlueZ Audio Profile AVRCP...
Linux Distros Unpatched Vulnerability : CVE-2023-27349
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execut...
Linux Distros Unpatched Vulnerability : CVE-2023-51580
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BlueZ Audio Profile AVRCP avrcpparseattributelist Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers ...
Linux Distros Unpatched Vulnerability : CVE-2023-51589
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BlueZ Audio Profile AVRCP parsemediaelement Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to...
PT-2025-31667 · Alpine · Alpine Ilx-507
Name of the Vulnerable Software and Affected Versions: Alpine iLX-507 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. User interaction is required, specifically, the target mus...
bluez: audio profile avrcp parse_media_folder out-of-bounds read information disclosure vulnerability
A flaw was found within the handling of the AVRCP protocol in BlueZ. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect ...
[SECURITY] [DLA 3820-1] bluez security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3820-1 [email protected] https://www.debian.org/lts/security/ Arturo Borrero Gonzalez May 25, 2024 https://wiki.debian.org/LTS -...
Debian dla-3820 : bluetooth - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3820 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3820-1 [email protected] https://www.debian.org/lts/security/...
AZL-40244 CVE-2023-51589 affecting package bluez 5.63-6
BlueZ Audio Profile AVRCP parsemediaelement Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability ...
CVE-2023-51589
BlueZ Audio Profile AVRCP parsemediaelement Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability ...
CVE-2023-51580
BlueZ Audio Profile AVRCP avrcpparseattributelist Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this...
CVE-2023-51580
BlueZ Audio Profile AVRCP avrcpparseattributelist Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this...