Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2025/04/25 12:0 a.m.9 views

Sonos Speakers S1 App < 11.15.1, S2 App < 16.6 Multiple RCE Vulnerabilities (SSA-2024-0002)

Sonos speakers are prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX =...

8.8CVSS7.6AI score0.00498EPSS
Exploits0References3
NVD
NVD
added 2025/04/23 5:16 p.m.7 views

CVE-2025-1049

Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS0.0035EPSS
Exploits0References1
CVE
CVE
added 2025/04/23 4:44 p.m.57 views

CVE-2025-1049

CVE-2025-1049 affects Sonos Era 300 speakers. A heap-based buffer overflow in ID3 data processing allows network-adjacent attackers (no authentication) to execute code in the context of the anacapa user. Root cause: insufficient validation of user-supplied data length before heap copy. Public det...

8.8CVSS9.1AI score0.0035EPSS
Exploits0References1Affected Software2
Circl
Circl
added 2025/04/09 3:0 a.m.7 views

CVE-2025-1049

creationtimestamp| type| source ---|---|--- 2025-04-09 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-224/ 2025-04-23 18:48:06+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114388768229553757 2025-04-23 20:14:32+00:00| seen|...

8.8CVSS6.9AI score0.0035EPSS
Exploits0References4
Rows per page
Query Builder