CVE-2026-10651

A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, btsdpparseattribute accepts an input buffer once it contains the 1-byte attribute type and 2-byte attribute id, but then unconditionally pulls an additiona...

CVE-2026-0162

Technical details for CVE-2026-0162 are not publicly provided in the connected documents. The available descriptions only indicate a memory corruption in AudioSdpParser.cpp potentially enabling remote code execution. Monitor for updates and additional technical disclosures.

CVE-2026-0059

In multiple functions of sdpdiscovery.cc, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0059

In multiple functions of sdpdiscovery.cc, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0059

Technical details about CVE-2026-0059 are not publicly available in the provided documents; no affected products, versions, root cause, or mitigations are disclosed here. Monitor for updates.

CVE-2026-0059

In multiple functions of sdpdiscovery.cc, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0059

In multiple functions of sdpdiscovery.cc, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0059

In multiple functions of sdpdiscovery.cc, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a buffer overflow in multiple functions within sdpdiscovery.cc. This vulnerability may lead to remote code execution, and it can be...

PT-2026-45578

Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A heap buffer overflow exists in multiple functions within sdp discovery.cc. This flaw allows for remote code execution in proximal or adjacent network environments without requiring addition...

ASB-A-447536200

In multiple functions of sdpdiscovery.cc, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-481652714

In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1746)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1746 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE CVE-2026-23401 In the Linux kernel, the followi...

Unity Linux 20.1070e Security Update: bluez (UTSA-2026-016764)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016764 advisory. BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in t...

Astra Linux - уязвимость в wireshark

A memory leak in the BT SDP dissector in Wireshark versions 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows for denial of service through packet injection or malicious capture files...

CVE-2026-41898 vulnerabilities

Vulnerabilities for packages: sdp-k8s-injector, sentry-cli, deno, komodo, rustls-openssl-client, rustup, sqlx, typst, sccache, bootc, valkey-ldap, ztunnel-fips, guestproxyagent, vector, rpm-sequoia...

CVE-2026-41898 vulnerabilities

Vulnerabilities for packages: rpm-sequoia, sqlx, rustup, sdp-k8s-injector, sccache, vector, deno...

Astra Linux – Vulnerability in Wireshark

The BT SDP dissector has an infinite loop in Wireshark versions 4.0.0 to 4.0.7, and 3.6.0 to 3.6.15. This issue allows for denial of service through packet injection or with crafted capture files...

Astra Linux – Vulnerability in Wireshark

A buffer overflow in the Bluetooth SDP dissector in Wireshark versions 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows for denial of service through packet injection or malicious capture files...

Linux Distros Unpatched Vulnerability : CVE-2026-5655

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 allows denial of service CVE-2026-5655 Note that Nessus relies on the presence of the package as report...