Lucene search

18 matches found

OSV
added 2025/12/26 11:54 p.m. | 4 views

CVE-2025-68473 ESP-IDF Has Out-of-Bounds Read in ESP32 Bluetooth SDP Result Handling

ESP-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the ESP-IDF Bluetooth host stack (BlueDroid), the function bta_dm_sdp_result used a fixed-size array uuid_list[32][MAX_UUID_SIZE] to store discovered service UUIDs during the...

AI score: 6.9 | EPSS: 0.00036
Exploits: 0 | References: 10

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2007-6089

Malware in sbrugna...

CVSS: 5 | AI score: 6 | EPSS: 0.03173
Exploits: 0 | References: 35

Positive Technologies
added 2025/06/11 12:0 a.m. | 3 views

PT-2025-25257 · Sony · Sony Xav-Ax8500

Name of the Vulnerable Software and Affected Versions: Sony XAV-AX8500 (affected versions not specified)
Description: The issue is related to an integer overflow in the Bluetooth SDP protocol, which can lead to remote code execution. This was demonstrated at Pwn2Own.
Recommendations: At the moment,...

CVSS: 8.8 | AI score: 8.9 | EPSS: 0.00175
Exploits: 0 | References: 8

SUSE CVE
added 2023/08/26 8:7 a.m. | 1 views

SUSE CVE-2023-4513

BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file...

CVSS: 5.3 | AI score: 6.9 | EPSS: 0.00022
Exploits: 1 | References: 4

OSV
added 2023/08/24 7:15 a.m. | 1 views

DEBIAN-CVE-2023-4513

BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file...

CVSS: 7.5 | AI score: 6.3 | EPSS: 0.00022
Exploits: 1 | References: 1

OSV
added 2023/08/24 7:15 a.m. | 0 views

UBUNTU-CVE-2023-4513

BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.00022
Exploits: 1 | References: 4

OPENSUSE Linux
added 2021/12/10 12:0 a.m. | 32 views

Security update for wireshark (moderate)

openSUSE Security Update: Security update for wireshark
Announcement ID: openSUSE-SU-2021:1566-1
Rating: moderate
References: 1192830
Cross-References: CVE-2021-39920 CVE-2021-39921 CVE-2021-39922 CVE-2021-39924 CVE-2021-39925 CVE-2021-39926 CVE-2021-39928 CVE-2021-39929
CVSS scores: CVE-2021-399...

CVSS: 4.3 | AI score: 8.2 | EPSS: 0.04599
Exploits: 8 | References: 1

OSV
added 2021/11/29 8:15 a.m. | 0 views

UBUNTU-CVE-2019-8921

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...

CVSS: 6.5 | AI score: 7 | EPSS: 0.00051
Exploits: 1 | References: 4

Kaspersky
added 2021/11/17 12:0 a.m. | 101 views

KLA12354 Multiple vulnerabilities in Wireshark

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities:
1. Denial of service vulnerability in the IEEE 802.11 dissector can be exploited via a specially crafted packet to cause denial of...

CVSS: 7.5 | AI score: 7.7 | EPSS: 0.04599
Exploits: 6 | References: 9

Tenable Nessus
added 2013/09/14 12:0 a.m. | 38 views

SuSE 11.2 / 11.3 Security Update : wireshark (SAT Patch Numbers 8318 / 8319)

This wireshark version update from 1.8.8 to 1.8.9 includes several security and general bug fixes. bnc831718 http://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html
- The Bluetooth SDP dissector could go into a large loop CVE-2013-4927 wnpa-sec-2013-45
- The DIS dissector could go into a larg...

CVSS: 7.8 | AI score: 6.4 | EPSS: 0.01815
Exploits: 0 | References: 17

OSV
added 2013/07/30 12:56 a.m. | 4 views

CVE-2013-4927

Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet...

AI score: 5.6
Exploits: 0 | References: 14

OSV
added 2013/07/30 12:56 a.m. | 0 views

DEBIAN-CVE-2013-4927

Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet...

CVSS: 7.8 | AI score: 7.2 | EPSS: 0.01815
Exploits: 0 | References: 1

Debian CVE
added 2013/07/29 7:0 p.m. | 26 views

CVE-2013-4927

Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet...

CVSS: 7.8 | AI score: 5.5 | EPSS: 0.01815
Exploits: 0

OSV
added 2013/07/29 2:0 p.m. | 8 views

MGASA-2013-0236 Updated wireshark package fixes security vulnerabilities

The Bluetooth SDP dissector could go into a large loop (CVE-2013-4927). The DIS dissector could go into a large loop (CVE-2013-4929). The DVB-CI dissector could crash (CVE-2013-4930). The GSM RR dissector and possibly others could go into a large loop (CVE-2013-4931). The GSM A Common dissector could cra...

CVSS: 7.8 | AI score: 5.7 | EPSS: 0.01815
Exploits: 0 | References: 11

Tenable Nessus
added 2013/07/29 12:0 a.m. | 42 views

Wireshark 1.8.x < 1.8.9 Multiple Vulnerabilities

The installed version of Wireshark 1.8 is earlier than 1.8.9. It is, therefore, affected by denial of service vulnerabilities in the following dissectors:
- ASN.1 PER (Bug 8722)
- Bluetooth SDP (Bug 8831)
- DIS (Bug 8911)
- DVB-CI (Bug 8916)
- GSM A Common (Bug 8940)
- GSM RR (Bug 8923)
- Netmon file parser...

CVSS: 7.8 | AI score: 6.5 | EPSS: 0.01815
Exploits: 0 | References: 16

securityvulns
added 2007/11/29 12:0 a.m. | 30 views

WireShark sniffer multiple security vulnerabilities

Buffer overflow on SSL parsing, DoS on HTTP, MEGACO, Bluetooth SDP, RPC parsing...

CVSS: 10 | AI score: 1.8 | EPSS: 0.0488
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2007/11/29 12:0 a.m. | 26 views

Debian DSA-1414-1 : wireshark - several vulnerabilities

Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service or execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:
- CVE-2007-6114 Stefan Esser discovered a buffer...

CVSS: 10 | AI score: 6.1 | EPSS: 0.0488
Exploits: 0 | References: 11

seebug.org
added 2007/11/26 12:0 a.m. | 13 views

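Wireshark 0.99.6 Multiple Remote Denial-of-Service Vulnerabilities

BUGTRAQ ID: 26532 Wireshark, formerly known as Ethereal, is a very popular network protocol analysis tool. Multiple infinite-loop, memory-exhaustion, crash, or buffer-overflow vulnerabilities exist in the following Wireshark protocol handling code: the SSL, ANSI MAP, Firebird/Interbase, NCP, HTTP, MEGACO, DCP ETSI, PPP, and Bluetooth SDP dissectors; the handling of malformed MP3 or iSeries (OS/400) communication trace files; and the handling of malformed DNP or RPC portmap packets. If Wireshark is tricked into capturing such malformed packets from the network or parsing them from a capture file, it will exhaust a large amount of system resources. Wireshark Wireshark 0.8.1...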

AI score: 6.9
Exploits: 0