kernel: Linux kernel Bluetooth: Denial of Service due to use-after-free in connection handling

A flaw was found in the Linux kernel's Bluetooth subsystem. A use-after-free UAF vulnerability exists in the hcidisconnectallsync function. This can occur if a Bluetooth connection is deleted while a controller event is being processed concurrently. A local attacker could potentially exploit this...

CVE-2025-40301

No description is available for this CVE. Mitigation To mitigate this issue, disable the Bluetooth kernel module if Bluetooth functionality is not required. This can be achieved by blacklisting the bluetooth module. Create a file named /etc/modprobe.d/disable-bluetooth.conf with the following...

CVE-2023-53762

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in hcidisconnectallsync Use-after-free can occur in hcidisconnectallsync if a connection is deleted by concurrent processing of a controller event. To prevent this the code now tries to iterate over th...

kernel: Linux kernel Bluetooth: Denial of Service due to use-after-free in connection handling

A flaw was found in the Linux kernel's Bluetooth subsystem. A use-after-free UAF vulnerability exists in the hcidisconnectallsync function. This can occur if a Bluetooth connection is deleted while a controller event is being processed concurrently. A local attacker could potentially exploit this...

Citrix FAS - Incorrect username and password

Incorrect username and password FAS After launching desktop when users tries to log on. No error on the certificates, no error in "Application" and "System" in the FAS server. VDA event logs Windows logs Security and looking for audit failure at the same time as the login failure: 0xC000006A| use...

CVE-2020-15931

Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator that is configured within the product in its installation state by generating a single Kerberos Pre-Authentication Failed ID 4771 event on a...

Java MixerSequencer Object GM_Song Structure Handling Vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Java MixerSequencer Object GM_Song Structure Handling Vulnerability

This module exploits a flaw within the handling of MixerSequencer objects in Java 6u18 and before. Exploitation id done by supplying a specially crafted MIDI file within an RMF File. When the MixerSequencer objects is used to play the file, the GMSong structure is populated with a function pointe...