Astra Linux – Vulnerability in bluez

BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability, as the target must connect...

CVE-2026-33755 Authenticated SQL Injection in Contact/query addressBookIds filter

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.158, 25.0.92, and 26.0.17, an authenticated SQL Injection vulnerability in the JMAP Contact/query endpoint allows any authenticated user with basic addressbook access to extract arbitrary data...

MiracleLinux 9 : bluez-5.72-2.el9 (AXSA:2024-9114:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9114:01 advisory. bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution CVE-2023-45866 BlueZ: Audio Profile AVRCP...

CLSA-2025-1763031616 bluez: Fix of 10 CVEs

CVE-2023-27349: fix crash while handling unsupported events in avrcp - CVE-2023-44431: fix Stack-based buffer overflow and remote code execution vulnerability - CVE-2023-45866: restrict HID connections to avoid unauthorized input injection - CVE-2023-50229: fix heap-based buffer overflow...

EUVD-2016-5671

Malware in sbrugna...

EUVD-2021-27365

Malware in sbrugna...

EUVD-2022-49565

Malicious code in bioql PyPI...

EUVD-2024-50922

Malicious code in bioql PyPI...

EUVD-2023-55051

Malicious code in bioql PyPI...

EUVD-2023-56308

Malicious code in bioql PyPI...

CLSA-2025-1755113613 bluez: Fix of 2 CVEs

CVE-2023-50229: fix heap-based buffer overflow vulnerability in handling Phone Book Access profile by adding proper validation of user-supplied data length before copying to buffer - CVE-2023-50230: fix heap-based buffer overflow vulnerability in Phone Book Access profile to prevent arbitrary...

MGASA-2025-0115 Updated bluez packages fix security vulnerabilities

BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. CVE-2023-44431 BlueZ Audio Profile AVRCP avrcpparseattributelist Out-Of-Bounds Read Information Disclosure Vulnerability. CVE-2023-51580 BlueZ Audio Profile AVRCP parsemediaelement Out-Of-Bounds Read...

CVE-2024-12511

With address book access, SMB/FTP settings could be modified, redirecting scans and possibly capturing credentials. This requires enabled scan functions and printer access...

CVE-2024-12511 SMB/FTP Address Book Scan Pass-back attack

With address book access, SMB/FTP settings could be modified, redirecting scans and possibly capturing credentials. This requires enabled scan functions and printer access...

CVE-2024-12511 SMB/FTP Address Book Scan Pass-back attack

With address book access, SMB/FTP settings could be modified, redirecting scans and possibly capturing credentials. This requires enabled scan functions and printer access...

CVE-2024-12511

CVE-2024-12511 is a Xerox VersaLink pass-back vulnerability affecting VersaLink MFPs (C7020/7025/7030 series) up to firmware 57.69.91. An attacker with printer/admin access and configured SMB/FTP scan could alter the user address book to redirect SMB/FTP traffic to a rogue host, allowing capture ...

Xerox Versalink 安全漏洞

Xerox VersaLink is a line of commercial printers from Xerox Corporation USA. A security vulnerability exists in Xerox Versalink that originates from access via the address book and can modify SMB/FTP settings, redirect scans and potentially capture credentials...

USN-7222-1: BlueZ vulnerabilities

Lucas Leong discovered that BlueZ incorrectly handled the Phone Book Access profile. If a user were tricked into connecting to a malicious Bluetooth device, a remote attacker could possibly use this issue to execute arbitrary code...

USN-7222-1 bluez vulnerabilities

Lucas Leong discovered that BlueZ incorrectly handled the Phone Book Access profile. If a user were tricked into connecting to a malicious Bluetooth device, a remote attacker could possibly use this issue to execute arbitrary code...

Astra Linux – Vulnerability in bluez

BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability, as the target must connect...