
41 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | views: 1

Astra Linux - vulnerability in wireshark

A buffer overflow in the Bluetooth SDP dissector in Wireshark versions 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows for denial of service through packet injection or malicious capture files...

CVSS 7.5 | AI score 7.1 | EPSS 0.04599
Exploits: 1 | References: 1
AstraLinux
added 2026/05/03 11:59 p.m. | views: 2

Astra Linux - vulnerability in wireshark

The BT SDP dissector has an infinite loop in Wireshark versions 4.0.0 to 4.0.7, and 3.6.0 to 3.6.15. This issue allows for denial of service through packet injection or with crafted capture files...

CVSS 7.5 | AI score 6.9 | EPSS 0.00011
Exploits: 0 | References: 2
CVE
added 2025/12/26 11:54 p.m. | views: 6

CVE-2025-68473

CVE-2025-68473 affects the ESP-IDF (Espressif IoT Development Framework) Bluetooth host stack (ESP-IDF BlueDroid). The SDP result handling in bta_dm_sdp_result() stores discovered service UUIDs in a fixed-size array uuid_list[32][MAX_UUID_SIZE]; if more than 32 services are present, writes can ov...

CVSS 8.6 | AI score 6.6 | EPSS 0.00026
Exploits: 0 | References: 8 | Affected Software: 1
OSV
added 2025/12/26 11:54 p.m. | views: 3

CVE-2025-68473 ESP-IDF Has Out-of-Bounds Read in ESP32 Bluetooth SDP Result Handling

ESP-IDF is the Espressif Internet of Things (IoT) Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the ESP-IDF Bluetooth host stack BlueDroid, the function bta_dm_sdp_result used a fixed-size array uuid_list[32][MAX_UUID_SIZE] to store discovered service UUIDs during the...

AI score 6.9 | EPSS 0.00026
Exploits: 0 | References: 10
EUVD
added 2025/10/07 12:30 a.m. | views: 1

EUVD-2007-6089

Malware in sbrugna...

CVSS 5 | AI score 6 | EPSS 0.03173
Exploits: 0 | References: 35
EUVD
added 2025/10/07 12:30 a.m. | views: 2

EUVD-2021-26281

Malware in sbrugna...

CVSS 7.5 | AI score 6.9 | EPSS 0.04599
Exploits: 1 | References: 12
EUVD
added 2025/10/07 12:30 a.m. | views: 3

EUVD-2013-4772

Malware in sbrugna...

CVSS 7.8 | AI score 5.9 | EPSS 0.01815
Exploits: 0 | References: 21
Tenable Nessus
added 2025/08/27 12:0 a.m. | views: 3

Linux Distros Unpatched Vulnerability : CVE-2021-39925

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture...

CVSS 7.5 | AI score 7 | EPSS 0.04599
Exploits: 1 | References: 2
NVD
added 2025/06/21 1:15 a.m. | views: 6

CVE-2025-5478

Sony XAV-AX8500 Bluetooth SDP Protocol Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The...

CVSS 8.8 | EPSS 0.00175
Exploits: 0 | References: 2
Vulnrichment
added 2025/06/21 12:9 a.m. | views: 4

CVE-2025-5478 Sony XAV-AX8500 Bluetooth SDP Protocol Integer Overflow Remote Code Execution Vulnerability

Sony XAV-AX8500 Bluetooth SDP Protocol Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The...

CVSS 8.8 | AI score 9.2 | EPSS 0.00175
Exploits: 0 | References: 2
Positive Technologies
added 2025/06/11 12:0 a.m. | views: 3

PT-2025-25257 · Sony · Sony Xav-Ax8500

Name of the Vulnerable Software and Affected Versions: Sony XAV-AX8500 affected versions not specified Description: The issue is related to an integer overflow in the Bluetooth SDP protocol, which can lead to remote code execution. This was demonstrated at Pwn2Own. Recommendations: At the moment,...

CVSS 8.8 | AI score 8.9 | EPSS 0.00175
Exploits: 0 | References: 8
Zero Day Initiative
added 2025/06/11 12:0 a.m. | views: 9

(Pwn2Own) Sony XAV-AX8500 Bluetooth SDP Protocol Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the Bluetooth SDP protocol. The issue results fr...

CVSS 8.8 | AI score 7.7 | EPSS 0.00175
Exploits: 0 | References: 1
SUSE CVE
added 2023/08/26 8:7 a.m. | views: 1

SUSE CVE-2023-4513

BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file...

CVSS 5.3 | AI score 6.9 | EPSS 0.00022
Exploits: 1 | References: 4
OSV
added 2023/08/24 7:15 a.m. | views: 0

DEBIAN-CVE-2023-4513

BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file...

CVSS 7.5 | AI score 6.3 | EPSS 0.00022
Exploits: 1 | References: 1
OSV
added 2023/08/24 7:15 a.m. | views: 0

UBUNTU-CVE-2023-4513

BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file...

CVSS 7.5 | AI score 7.1 | EPSS 0.00022
Exploits: 1 | References: 4
CNNVD
added 2023/08/24 12:0 a.m. | views: 2

Wireshark security vulnerability

Wireshark (formerly known as Ethereal) is network packet analysis software from the Wireshark team. The software captures network packets and displays detailed data for analysis. Wireshark suffers from a denial-of-service vulnerability that originates from an infinite...

CVSS 7.5 | AI score 7 | EPSS 0.00011
Exploits: 0 | References: 6
SUSE CVE
added 2023/02/15 4:15 a.m. | views: 2

SUSE CVE-2019-8921

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...

CVSS 7.5 | AI score 9 | EPSS 0.00047
Exploits: 1 | References: 6
Tenable Nessus
added 2022/10/16 12:0 a.m. | views: 31

GLSA-202210-04 : Wireshark: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-04 Wireshark: Multiple Vulnerabilities - Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file CVE-2021-22235 - NULL pointer exception i...

CVSS 9.8 | AI score 6.7 | EPSS 0.04599
Exploits: 21 | References: 27
OPENSUSE Linux
added 2021/12/10 12:0 a.m. | views: 32

Security update for wireshark (moderate)

openSUSE Security Update: Security update for wireshark Announcement ID: openSUSE-SU-2021:1566-1 Rating: moderate References: 1192830 Cross-References: CVE-2021-39920 CVE-2021-39921 CVE-2021-39922 CVE-2021-39924 CVE-2021-39925 CVE-2021-39926 CVE-2021-39928 CVE-2021-39929 CVSS scores: CVE-2021-399...

CVSS 4.3 | AI score 8.2 | EPSS 0.04599
Exploits: 8 | References: 1
OSV
added 2021/11/29 8:15 a.m. | views: 0

UBUNTU-CVE-2019-8921

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...

CVSS 6.5 | AI score 7 | EPSS 0.00047
Exploits: 1 | References: 4