16 matches found
EUVD-2019-18310
Malware in sbrugna...
CVE-2025-0075
CVE-2025-0075 is a use-after-free in process_service_search_attr_req of sdp_server.cc that can lead to remote code execution with no privileges or user interaction. Affected software is the Android platform (System component in the 2025-03-01/03 bulletin) and related Android sources describe this...
CVE-2023-6233
Buffer overflow in SLP attribute request process of Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and...
Buffer overflow
Buffer overflow in SLP attribute request process of Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and...
CVE-2023-6233
CVE-2023-6233 affects Canon Office/Small Office Multifunction Printers and Laser Printers with a buffer overflow in the SLP attribute request process. Affected are Satera LBP670C Series/Satera MF750C Series (firmware v03.07 and earlier, Japan); Color imageCLASS LBP674C/X LBP1333C/MF750C/X MF1333C...
CVE-2023-6233
Buffer overflow in SLP attribute request process of Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and...
SUSE CVE-2019-8921
An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...
SUSE CVE-2019-8922
A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...
CVE-2019-8922
A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...
DEBIAN-CVE-2019-8922
A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...
UBUNTU-CVE-2019-8922
A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...
UBUNTU-CVE-2019-8921
An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...
CVE-2019-8922
A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...
ESXi OpenSLP堆溢出漏洞(CVE-2021-21974)
My RCE PoC walkthrough for CVE-2021–21974 VMware ESXi OpenSLP heap-overflow vulnerability Introduction During a recent engagement, I discovered a machine that is running VMware ESXi 6.7.0. Upon inspecting any known vulnerabilities associated with this version of the software, I identified it may ...
samba -- multiple vulnerabilities
The samba project reports: Malicious servers can cause Samba client code to return filenames containing path separators to calling code. When the password contains multi-byte non-ASCII characters, the check password script does not receive the full password string. Users with the "get changes"...
PT-2019-6138 · Linux +2 · Bluez +2
Name of the Vulnerable Software and Affected Versions: BlueZ versions through 5.48 Description: The issue is related to the implementation of the SDP service in the Bluetooth protocol stack for Linux BlueZ, which is associated with insufficient authentication of data. This can allow a remote...