9 matches found
CVE-2025-68137
EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in SdpPacket::parseheader allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining length to read is computed using the current length subtract...
CVE-2025-68137
EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in SdpPacket::parseheader allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining length to read is computed using the current length subtract...
CVE-2025-68137 EVerest's Integer Overflow and Signed to Unsigned conversion lead to either stack buffer overflow or infinite loop
EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in SdpPacket::parseheader allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining length to read is computed using the current length subtract...
CVE-2025-68137
EVerest before version 2025.10.0 is affected by an integer overflow in SdpPacket::parse_header(). After reading an 8-byte header, the remaining length can be set to 7, and the calculation of the remaining length yields a negative value that is interpreted as SIZE_MAX. This can cause an infinite l...
PT-2026-3850
Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2025.10.0 Description EVerest is an EV charging software stack. An integer overflow in the SdpPacket::parse header function can occur when processing data. Specifically, the current buffer length can be set to 7 after...
Everest-core security vulnerabilities
Everest-core is a major component of the open-source electric vehicle charging software stack developed by EVerest. Versions of everest-core prior to 2025.10.0 contained security vulnerabilities. These vulnerabilities were caused by integer overflows in the SdpPacket::parseheader function, which...
Cisco Unified IP Phone 8900/9900 Series Crafted SDP Packet (CVE-2013-5526)
Cisco 9900 fourth-generation IP phones do not properly perform SDP negotiation, which allows remote attackers to cause a denial of service device reboot via crafted SDP packets, aka Bug ID CSCuf06698. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...
Controlled heap buffer overflow in SDP packet parsing
Description A malicious server can trigger an out-of-bounds heap write via a specially crafted SDP packet due to no bounds check when parsing time zone information into the AdjustmentTime and AdjustmentOffset fields of GFSDPTiming. Proof of Concept poc.py is available here terminal 1 python3 poc....
bluez bluetooth stack memory corruption
Memory corruption on SDP packet parsing...