CVE-2025-68135 EVerest's inadequate exception handling leads to denial of service

EVerest is an EV charging software stack. Prior to version 2025.10.0, C++ exceptions are not properly handled for and by the TbdController loop, leading to its caller and itself to silently terminates. Thus, this leads to a denial of service as it is responsible of SDP and ISO15118-20 servers...

EUVD-2018-12936

Malware in sbrugna...

CVE-2025-22412

In multiple functions of sdpserver.cc, there is a possible use after free due to a logic error in the code. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-0075

In processservicesearchattrreq of sdpserver.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Android elevation of privilege vulnerability (CNVD-2025-19963)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a memory misreference vulnerability, which stems from a messed up instruction in sdpserver.cc that is responsible for freeing up memory, which can be exploited by an attacker to gain elevated...

CVE-2025-22412

In multiple functions of sdpserver.cc, there is a possible use after free due to a logic error in the code. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-0075

In processservicesearchattrreq of sdpserver.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-22412

In multiple functions of sdpserver.cc, there is a possible use after free due to a logic error in the code. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-0075

CVE-2025-0075 is a use-after-free in process_service_search_attr_req of sdp_server.cc that can lead to remote code execution with no privileges or user interaction. Affected software is the Android platform (System component in the 2025-03-01/03 bulletin) and related Android sources describe this...

CVE-2023-21201

In oncreaterecordevent of btifsdpserver.cc, there is a possible out of bounds read due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android I...

PT-2025-11075 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The software contains a use-after-free flaw in multiple functions within sdp server.cc due to a logic error. This issue may lead to remote code execution without requiring additional...

Linux Distros Unpatched Vulnerability : CVE-2017-1000250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain...

ASB-A-375404242

In multiple functions of sdpserver.cc, there is a possible use after free due to a logic error in the code. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9478

In processserviceattrreq and processservicesearchattrreq of sdpserver.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9479

In processserviceattrreq and processservicesearchattrreq of sdpserver.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9479

In processserviceattrreq and processservicesearchattrreq of sdpserver.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9479

In processserviceattrreq and processservicesearchattrreq of sdpserver.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2024-10713 · Bluez · Bluez

Name of the Vulnerable Software and Affected Versions: BlueZ affected versions not specified Description: The issue is caused by an out of bounds write due to a missing bounds check in the process service attr req and process service search attr req functions of sdp server.cc. This could lead to...

CVE-2023-21201

In oncreaterecordevent of btifsdpserver.cc, there is a possible out of bounds read due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android I...

CVE-2023-21201

In oncreaterecordevent of btifsdpserver.cc, there is a possible out of bounds read due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android I...