Astra Linux - уязвимость в ansible

A flaw was discovered in Ansible Engine, affecting versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, and 2.9.x before 2.9.7. It also affects Ansible Tower in versions 3.4.5 and 3.5.5, as well as 3.6.3, when the ldapattr and ldapentry community modules are used. This issue exposes the LDAP bind...

EUVD-2019-18310

Malware in sbrugna...

EUVD-2025-25842

Malicious code in bioql PyPI...

CVE-2025-0074

In processserviceattrrsp of sdpdiscovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Android Code Execution Vulnerability (CNVD-2025-19983)

Google Android is a Linux-based open source operating system from Google. A code execution vulnerability exists in Google Android due to a free use of processserviceattrrsp in sdpdiscovery.cc. An attacker can exploit the vulnerability to execute arbitrary code on the system...

CVE-2025-22411

In processserviceattrrsp of sdpdiscovery.cc, there is a possible use after free due to a logic error in the code. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-0074

In processserviceattrrsp of sdpdiscovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-0074

In processserviceattrrsp of sdpdiscovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-22411

CVE-2025-22411 affects the Android Bluetooth SDP discovery path: use-after-free in process_service_attr_rsp (sdp_discovery.cc) due to a logic error, enabling remote code execution with no privileges and no user interaction. Exploitation is described as proximal/adjacent (Bluetooth range). Root ca...

CVE-2025-22411

In processserviceattrrsp of sdpdiscovery.cc, there is a possible use after free due to a logic error in the code. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-0074

In processserviceattrrsp of sdpdiscovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9449

In processservicesearchattrrsp of sdpdiscovery.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2018-9478

In processserviceattrreq and processservicesearchattrreq of sdpserver.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

SUSE CVE-2019-8921

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...

SUSE CVE-2019-8922

A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...

DEBIAN-CVE-2019-8921

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...

DEBIAN-CVE-2019-8922

A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...

CVE-2019-8922

A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...

UBUNTU-CVE-2019-8922

A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...

UBUNTU-CVE-2019-8921

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...