EUVD-2023-0970

Malicious code in bioql PyPI...

EUVD-2023-0990

Malicious code in bioql PyPI...

CVE-2023-26110

All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...

CVE-2023-26109

All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...

@byinti/printer-js (>=0.0.1 <=0.0.6), @dkaframework/printer (=1.0.1) +18 more potentially affected by CVE-2023-26110 via node-bluetooth (=1.2.6)

node-bluetooth NPM version =1.2.6 is affected by a known vulnerability. The following packages have a transitive dependency on node-bluetooth and may be impacted: - @byinti/printer-js =0.0.1, =1.0.3, =1.2.11, =0.0.3, =2.5.0, =0.0.1-alpha.0, =0.1.0, =0.1.8, =1.0.3, =0.1.3, =0.1.5 - flexprinter...

iobroker.combustion-control (=0.0.1), jcode-ble (=0.0.1) +1 more potentially affected by CVE-2023-26109 via node-bluetooth-serial-port (=2.2.7)

node-bluetooth-serial-port NPM version =2.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on node-bluetooth-serial-port and may be impacted: - iobroker.combustion-control =0.0.1 - jcode-ble =0.0.1 - jcode-bluetooth =0.1.0, =0.9.2 Source cves:...

GHSA-9JH3-4PC9-HQ29 node-bluetooth-serial-port is vulnerable to Buffer Overflow via the findSerialPortChannel

All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...

node-bluetooth is vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation

All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...

GHSA-CXX3-36QC-M6QM node-bluetooth is vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation

All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...

CVE-2023-26110

All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...

Buffer overflow

All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...

CVE-2023-26109

All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...

CVE-2023-26110

All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation...

CVE-2023-26110

CVE-2023-26110 affects the node-bluetooth package. All versions are vulnerable to a Buffer Overflow in the findSerialPortChannel method caused by improper user input length validation. Documents describe this as a critical issue with high impact on confidentiality, integrity, and availability, an...

npm node-bluetooth 安全漏洞

npm node-bluetooth is a Node.js serial port communication for Bluetooth from npm USA. A security vulnerability exists in npm node-bluetooth that stems from incorrect user input length validation, which can be exploited by an attacker to cause a buffer overflow via the findSerialPortChannel method...

npm node-bluetooth 安全漏洞

npm node-bluetooth is a Node.js serial port communication for Bluetooth from npm USA. A security vulnerability exists in npm node-bluetooth that stems from incorrect user input length validation, which can be exploited by an attacker to cause a buffer overflow via the findSerialPortChannel method...

@byinti/printer-js (>=0.0.1 <=0.0.6), @dkaframework/printer (=1.0.1) +18 more potentially affected by CVE-2023-26110 via node-bluetooth (=1.2.6)

node-bluetooth NPM version =1.2.6 is affected by a known vulnerability. The following packages have a transitive dependency on node-bluetooth and may be impacted: - @byinti/printer-js =0.0.1, =1.0.3, =1.2.11, =0.0.3, =2.5.0, =0.0.1-alpha.0, =0.1.0, =0.1.8, =1.0.3, =0.1.3, =0.1.5 - flexprinter...

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation. PoC js const BluetoothSerialPort = require"node-bluetooth" const serial = new BluetoothSerialPort.DeviceINQ...