EUVD-2014-3382

Malware in sbrugna...

EUVD-2021-28288

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-41229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung...

USN-5932-1 sofia-sip vulnerabilities

It was discovered that Sofia-SIP incorrectly handled specially crafted SDP packets. A remote attacker could use this issue to cause applications using Sofia-SIP to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LT...

CVE-2021-41229

BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object...

CVE-2021-41229

BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object...

CVE-2021-41229

BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object...

CVE-2021-41229

BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object...

PT-2021-7413 · Bluez +8 · Bluez +8

Name of the Vulnerable Software and Affected Versions: BlueZ affected versions not specified Description: A memory leak issue exists in the sdp cstate alloc buf function of the BlueZ Bluetooth protocol stack for Linux. This function allocates memory that remains in the singly linked list of cstat...

CVE-2014-3369

The SIP IX implementation in Cisco TelePresence Video Communication Server VCS and Expressway Software before X8.1.1 allows remote attackers to cause a denial of service device reload via crafted SDP packets, aka Bug ID CSCuo42252...

CVE-2014-3369

Cisco TelePresence Video Communication Server (VCS) and Expressway Software prior to X8.1.1 are affected by a DoS vulnerability in the SIP IX implementation triggered by specially crafted SDP packets, causing a device reload. The issue is tied to CSCuo42252 (SIP IX) and is addressed by Cisco in a...

CVE-2013-5526

Cisco 9900 fourth-generation IP phones do not properly perform SDP negotiation, which allows remote attackers to cause a denial of service device reboot via crafted SDP packets, aka Bug ID CSCuf06698...

CVE-2013-5526

The CVE-2013-5526 issue affects Cisco Unified IP Phone 8900/9900 series (Cisco 9900 fourth‑gen phones). It stems from improper SDP negotiation in the phones’ SDP handling, allowing an unauthenticated remote attacker to trigger a device reboot (DoS) by sending crafted SDP packets. Exploitation rel...

Memory corruption

src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field th...

CVE-2008-2374

src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field th...

CVE-2008-2374

src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field th...

CVE-2008-1453

The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically proximate attackers to execute arbitrary code via a large series of Service Discovery Protocol SDP packets...

CVE-2007-3753

Apple iPhone 1.1.1, with Bluetooth enabled, allows physically proximate attackers to cause a denial of service application termination and execute arbitrary code via crafted Service Discovery Protocol SDP packets, related to insufficient input validation...