80 matches found
EUVD-2025-200284
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, when AVRCP is enabled on ESP32, receiving a malformed VENDOR DEPENDENT command from a peer device can cause the Bluetooth stack to access memory before validating the command...
EUVD-2017-6377
Malware in sbrugna...
EUVD-2017-6379
Malware in sbrugna...
EUVD-2019-2310
Malware in sbrugna...
EUVD-2017-6376
Malware in sbrugna...
EUVD-2019-11079
Malware in sbrugna...
EUVD-2017-7281
Malware in sbrugna...
EUVD-2017-18646
Malware in sbrugna...
EUVD-2019-11944
Malware in sbrugna...
EUVD-2018-3338
Malware in sbrugna...
EUVD-2017-6383
Malware in sbrugna...
EUVD-2017-2692
Malware in sbrugna...
EUVD-2017-2691
Malware in sbrugna...
EUVD-2017-2689
Malware in sbrugna...
CVE-2022-20221
In avrcctrlparsvendorcmd of avrcparsct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2019-10506
While processing QCANL80211VENDORSUBCMDAVOIDFREQUENCY vendor command, driver does not validate the data obtained from the user space which could be invalid and thus leads to an undesired behaviour in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdrago...
CVE-2018-11934
Possible out of bounds write due to improper input validation while processing DOACS vendor command in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607,...
CVE-2022-20221
In avrcctrlparsvendorcmd of avrcparsct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2021-0435
In avrcprocvendorcommand of avrcapi.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8....
CVE-2020-27021
In avrcctrlparsvendorcmd of avrcparstg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:...