MiracleLinux 9 : bluez-5.72-2.el9 (AXSA:2024-9114:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9114:01 advisory. bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution CVE-2023-45866 BlueZ: Audio Profile AVRCP...

CLSA-2025-1763031616 bluez: Fix of 10 CVEs

CVE-2023-27349: fix crash while handling unsupported events in avrcp - CVE-2023-44431: fix Stack-based buffer overflow and remote code execution vulnerability - CVE-2023-45866: restrict HID connections to avoid unauthorized input injection - CVE-2023-50229: fix heap-based buffer overflow...

EUVD-2022-47935

Malicious code in bioql PyPI...

EUVD-2023-12412

Malicious code in bioql PyPI...

EUVD-2023-55051

Malicious code in bioql PyPI...

EUVD-2023-56308

Malicious code in bioql PyPI...

BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability

...

CLSA-2025-1755113613 bluez: Fix of 2 CVEs

CVE-2023-50229: fix heap-based buffer overflow vulnerability in handling Phone Book Access profile by adding proper validation of user-supplied data length before copying to buffer - CVE-2023-50230: fix heap-based buffer overflow vulnerability in Phone Book Access profile to prevent arbitrary...

CVE-2023-0351

The Akuvox E11 web server backend library allows command injection in the device phone-book contacts functionality. This could allow an attacker to upload files with executable command instructions...

CVE-2022-45010

Simple Phone Book/Directory Web App v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at /PhoneBook/edit.php...

MGASA-2025-0115 Updated bluez packages fix security vulnerabilities

BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. CVE-2023-44431 BlueZ Audio Profile AVRCP avrcpparseattributelist Out-Of-Bounds Read Information Disclosure Vulnerability. CVE-2023-51580 BlueZ Audio Profile AVRCP parsemediaelement Out-Of-Bounds Read...

USN-7222-1 bluez vulnerabilities

Lucas Leong discovered that BlueZ incorrectly handled the Phone Book Access profile. If a user were tricked into connecting to a malicious Bluetooth device, a remote attacker could possibly use this issue to execute arbitrary code...

USN-7222-1: BlueZ vulnerabilities

Lucas Leong discovered that BlueZ incorrectly handled the Phone Book Access profile. If a user were tricked into connecting to a malicious Bluetooth device, a remote attacker could possibly use this issue to execute arbitrary code...

Astra Linux – Vulnerability in bluez

BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability, as the target must connect...

Astra Linux – Vulnerability in bluez

BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability, as the target must connect...

bluez: phone book access profile heap-based buffer overflow remote code execution vulnerability

A flaw was found within the handling of the Phone Book Access profile in BlueZ. In certain conditions, a network-adjacent attacker can execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicio...

bluez: phone book access profile heap-based buffer overflow remote code execution vulnerability

A flaw was found within the handling of the Phone Book Access profile in BlueZ. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a...

bluez: phone book access profile heap-based buffer overflow remote code execution vulnerability

A flaw was found within the handling of the Phone Book Access profile in BlueZ. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a...

The vulnerability of the Phone Book Access component of the Bluetooth protocol stack for the Linux BlueZ operating system allows a hacker to execute arbitrary code.

The vulnerability of the Phone Book Access component in the Bluetooth protocol stack for the Linux BlueZ operating system is related to buffer overflow attacks. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2023-51596

BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must...