CVE-2026-28527

BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller GETPLAYERAPPLICATIONSETTINGATTRIBUTETEXT and GETPLAYERAPPLICATIONSETTINGVALUETEXT handlers that allows nearby attackers to read beyond packet boundaries. Attackers can establish a paire...

EUVD-2025-200284

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, when AVRCP is enabled on ESP32, receiving a malformed VENDOR DEPENDENT command from a peer device can cause the Bluetooth stack to access memory before validating the command...

ESP-IDF 缓冲区错误漏洞

ESP-IDF is an Espressif open source development framework for Espressif SoCs supported on Windows, Linux and macOS. A buffer error vulnerability exists in ESP-IDF versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and prior versions, which stems from insufficient validation of the buffer length when AVR...

CVE-2023-51592

BlueZ Audio Profile AVRCP parsemediafolder Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability i...

AZL-40258 CVE-2023-51589 affecting package bluez 5.63-6

BlueZ Audio Profile AVRCP parsemediaelement Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability ...

SUSE CVE-2023-51580

BlueZ Audio Profile AVRCP avrcpparseattributelist Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this...

SUSE Linux Enterprise Server 安全漏洞

SUSE Linux Enterprise Server is a suite of enterprise server edition Linux operating systems from the German company SUSE. A security vulnerability exists in SUSE Linux Enterprise Server, which originates from a boundary error in the handling of the AVRCP protocol, which could allow a remote...

PT-2023-13821 · Qualcomm · Snapdragon +143

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in the Bluetooth HOST when processing the AVRC PDU GET PLAYER APP VALUE TEXT AVRCP response. This suggests a proble...

HUAWEI EMUI/Magic UI 安全漏洞

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is to provide a full-scenario distributed operating system based on microkernel. A denial of service vulnerability exists in Huawei EMUI and HarmonyOS, which originates from its Bluetooth AVRCP module and can be...

CVE-2022-39176

BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate paramslen...