SUSE CVE-2026-43017

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate mesh send advertising payload length meshsend currently bounds MGMTOPMESHSEND by total command length, but it never verifies that the bytes supplied for the flexible advdata array actually match the...

Linux Distros Unpatched Vulnerability : CVE-2026-43017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: MGMT: validate mesh send advertising payload length meshsend currently bounds MGMTOPMESHSEND by total command length, but it never verifies that the...

CVE-2026-43017

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate mesh send advertising payload length meshsend currently bounds MGMTOPMESHSEND by total command length, but it never verifies that the bytes supplied for the flexible advdata array actually match the...

EUVD-2026-26616

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate mesh send advertising payload length meshsend currently bounds MGMTOPMESHSEND by total command length, but it never verifies that the bytes supplied for the flexible advdata array actually match the...

CVE-2026-43017

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate mesh send advertising payload length meshsend currently bounds MGMTOPMESHSEND by total command length, but it never verifies that the bytes supplied for the flexible advdata array actually match the...

PT-2026-36434

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth MGMT component where the mesh send function fails to verify that the bytes provided for the flexible adv data array match the embedded adv data len field...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003179)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003179 advisory. The sgioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service stack-based buffer overflow or possibly...

CVE-2025-68474

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...

EUVD-2020-3534

Malware in sbrugna...

EUVD-2004-0341

Malware in sbrugna...

EUVD-2021-17250

Malware in sbrugna...

EUVD-2022-36345

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-7187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sgioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service stack-based buffer overflow or...

OESA-2025-1901 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

CVE-2021-31886

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

CVE-2021-31887

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

CVE-2021-30319

Possible integer overflow due to improper validation of command length parameters while processing WMI command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVE-2020-11180

Out of bound access in computer vision control due to improper validation of command length before processing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...

Memory corruption

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length...

CVE-2022-33302

CVE-2022-33302 describes a memory corruption in the Qualcomm User Identity Module caused by improper validation of an array index when the APN TLV length exceeds the command length. Documents reference this vulnerability across multiple feeds (NVD, Red Hat, PRION, CNNVD, CVE list) with the same d...