CVE-2026-43023

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: fix race conditions in scosockconnect scosockconnect checks skstate and sktype without holding the socket lock. Two concurrent connect syscalls on the same socket can both pass the check and enter scoconnect,...

CVE-2026-31280

An issue in the Bluetooth RFCOMM service of Parani M10 Motorcycle Intercom v2.1.3 allows unauthorized attackers to cause a Denial of Service DoS via supplying crafted RFCOMM frames...

CVE-2026-31280

An issue in the Bluetooth RFCOMM service of Parani M10 Motorcycle Intercom v2.1.3 allows unauthorized attackers to cause a Denial of Service DoS via supplying crafted RFCOMM frames...

EUVD-2023-0970

Malicious code in bioql PyPI...

CVE-2023-26109

All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...

CVE-2024-50044

...

GHSA-9JH3-4PC9-HQ29 node-bluetooth-serial-port is vulnerable to Buffer Overflow via the findSerialPortChannel

All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...

iobroker.combustion-control (=0.0.1), jcode-ble (=0.0.1) +1 more potentially affected by CVE-2023-26109 via node-bluetooth-serial-port (=2.2.7)

node-bluetooth-serial-port NPM version =2.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on node-bluetooth-serial-port and may be impacted: - iobroker.combustion-control =0.0.1 - jcode-ble =0.0.1 - jcode-bluetooth =0.1.0, =0.9.2 Source cves:...

Buffer overflow

All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...

CVE-2023-26109

All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...

SUSE CVE-2012-6545

The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application...

iobroker.combustion-control (=0.0.1), jcode-ble (=0.0.1) +1 more potentially affected by CVE-2023-26109 via node-bluetooth-serial-port (=2.2.7)

node-bluetooth-serial-port NPM version =2.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on node-bluetooth-serial-port and may be impacted: - iobroker.combustion-control =0.0.1 - jcode-ble =0.0.1 - jcode-bluetooth =0.1.0, =0.9.2 Source cves:...

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation. PoC js const BluetoothSerialPort = require"node-bluetooth-serial-port" const serial = new BluetoothSerialPort.BluetoothSerialPort...