CVE-2026-46532

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0, an out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser avrcparsvendorcmd in components/bt/host/bluedroid/stack/avrc/avrcparstg.c. This issue has been patched ...

CVE-2025-68474

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...

CVE-2024-49714

In avrcvendormsg of avrcopt.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-49714

In avrcvendormsg of avrcopt.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-49714

In avrcvendormsg of avrcopt.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-49714

In avrcvendormsg of avrcopt.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-49714

CVE-2024-49714 is an elevation-of-privilege vulnerability in the AVRCP vendor message path: in avrc_vendor_msg within avrc_opt.cc, a heap-buffer overflow can cause an out-of-bounds write. This enables local escalation on a paired device without extra privileges or user interaction. Exploitation i...

CVE-2024-49714

In avrcvendormsg of avrcopt.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2025-36029

Name of the Vulnerable Software and Affected Versions: avrc opt.cc affected versions not specified Description: An out-of-bounds write due to a heap buffer overflow exists in the avrc vendor msg function of avrc opt.cc. This issue could lead to escalation of privilege on a paired device without...

CVE-2023-21233

In multiple locations of avrc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-20221

In avrcctrlparsvendorcmd of avrcparsct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2022-20483

In several functions that parse avrc response in avrcparsct.cc and related files, there are possible out of bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVE-2022-40537

Memory corruption in Bluetooth HOST while processing the AVRCPDUGETPLAYERAPPVALUETEXT AVRCP response...

CVE-2023-21233

In multiple locations of avrc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21233

In multiple locations of avrc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21233

In multiple locations of avrc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21233

CVE-2023-21233 concerns the avrc module in Wear OS. The vulnerability arises from uninitialized data in multiple locations, enabling a heap data leak that could lead to remote information disclosure with no additional execution privileges needed. Exploitation is possible without user interaction ...

CVE-2023-21233

In multiple locations of avrc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Wear OS Security Vulnerability

Google Wear OS is a Google-developed operating system from Google, Inc. that is specifically designed for use in smartwatches, smart bands, and other wearable devices. Google Wear OS suffers from a security vulnerability that stems from the presence of uninitialized data in multiple locations of...

CVE-2022-47974

The Bluetooth AVRCP module has a vulnerability that can lead to DoS attacks.Successful exploitation of this vulnerability may cause the Bluetooth process to restart...