51 matches found
EUVD-2026-12161
Philips Hue Bridge HomeKit hkhappairstorageput Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this...
EUVD-2026-12158
Philips Hue Bridge happairverifyhandler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit th...
CVE-2026-3557
Philips Hue Bridge happairverifyhandler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit th...
Philips Hue Bridge 安全漏洞
The Philips Hue Bridge is a smart lighting gateway device developed by the Japanese company Philips Hue. There is a security vulnerability in the Philips Hue Bridge, which stems from the lack of verification of the user data length in the happairverifyhandler function. This vulnerability may lead...
CVE-2026-3561 Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability
Philips Hue Bridge hkhap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit this vulnerabilit...
CVE-2026-3561
CVE-2026-3561 affects Philips Hue Bridge hk_hap characteristics. A heap-based buffer overflow in the handling of PUT requests to the characteristics endpoint allows remote code execution. The flaw stems from insufficient validation of user-supplied data length before copying into a heap buffer, e...
CVE-2026-3560 Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability
Philips Hue Bridge HomeKit hkhappairstorageput Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this...
CVE-2026-3557 Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
Philips Hue Bridge happairverifyhandler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit th...
CVE-2026-3557
CVE-2026-3557 affects Philips Hue Bridge via the hap_pair_verify_handler in the hk_hap service (listening on TCP 8080). The flaw is a heap-based buffer overflow caused by insufficient validation of user-supplied data length during Sub-TLV parsing, enabling network-adjacent attackers to execute co...
CVE-2026-3557
Philips Hue Bridge happairverifyhandler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit th...
(Pwn2Own) Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
PT-2026-23778
Name of the Vulnerable Software and Affected Versions Philips Hue Bridge affected versions not specified Description A heap-based buffer overflow exists in the HomeKit component of the Philips Hue Bridge, specifically within the hk hap pair storage put function. This issue could allow for remote...
MiracleLinux 3 : wireshark-1.0.8-1.1.1AXS3 (AXSA:2009-70:02)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-70:02 advisory. Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library,...
EUVD-2021-8205
Malicious code in bioql PyPI...
EUVD-2023-29835
Malicious code in bioql PyPI...
applications_hap
It is an offensive tool for mobile applications. The repository contains a collection of HAP HarmonyOS Application Package files, which are likely used for testing or demonstrating various mobile applications on the HarmonyOS platform. The files include demos for features such as flashlight, medi...
Malicious code in @zalastax/nolb-hap- (npm)
The package @zalastax/nolb-hap- was found to contain malicious code...
MAL-2025-11916 Malicious code in @zalastax/nolb-hap_ (npm)
The package @zalastax/nolb-hap was found to contain malicious code...
Malicious code in @zalastax/nolb-hap_ (npm)
The package @zalastax/nolb-hap was found to contain malicious code...
MAL-2025-11914 Malicious code in @zalastax/nolb-hap- (npm)
The package @zalastax/nolb-hap- was found to contain malicious code...