80 matches found
CVE-2025-52908
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 1 of 2...
CVE-2025-52908
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 1 of 2...
CVE-2025-52908
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 1 of 2...
CVE-2019-2312
When handling the vendor command there exists a potential buffer overflow due to lack of input validation of data buffer received in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in...
CVE-2025-53966
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow during handling of an IOCTL message...
CVE-2025-49495
An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580. Mishandling of an NL80211 vendor command leads to a buffer overflow...
CVE-2025-49495
An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580. Mishandling of an NL80211 vendor command leads to a buffer overflow...
CVE-2025-53966
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow during handling of an IOCTL message...
CVE-2025-49495
An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580. Mishandling of an NL80211 vendor command leads to a buffer overflow...
EUVD-2026-0814
An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580. Mishandling of an NL80211 vendor command leads to a buffer overflow...
PT-2026-1322
Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor Exynos 1380 Samsung Mobile Processor Exynos 1480 Samsung Mobile Processor Exynos 2400 Samsung Mobile Processor Exynos 1580 Description A flaw exists in the WiFi driver of Samsung Mobile Processors. Improper handling of...
EUVD-2026-0809
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow during handling of an IOCTL message...
PT-2026-1324
Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor Exynos 1380 Samsung Mobile Processor Exynos 1480 Samsung Mobile Processor Exynos 2400 Samsung Mobile Processor Exynos 1580 Description An improper handling of the NL80211 vendor command results in a buffer overflow whe...
CVE-2025-49495
CVE-2025-49495 affects the Samsung Mobile Processor Exynos family (1380, 1480, 2400, 1580). Description: mishandling of an NL80211 vendor command leads to a buffer overflow in the WiFi driver. Connected sources confirm this vulnerability and note patches: Samsung’s January 2026 SMR includes a fix...
CVE-2025-53966
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow during handling of an IOCTL message...
CVE-2025-49495
An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580. Mishandling of an NL80211 vendor command leads to a buffer overflow...
CVE-2025-68474
CVE-2025-68474 affects ESF-IDF (Espressif IoT Development Framework) in ESP-IDF BlueDroid AVRCP stack. In avrc_vendor_msg(), the code validates the buffer with AVRC_MIN_CMD_LEN = 20 bytes, but the fixed header written before the vendor payload is 29 bytes, causing an out-of-bounds write when vend...
CVE-2025-68474 ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVRCP Vendor Command Handling
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...
CVE-2025-68474 ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVRCP Vendor Command Handling
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...
CVE-2025-66409
CVE-2025-66409 affects ESP-IDF where AVRCP handling on ESP32 can read memory out-of-bounds due to insufficient validation of the VENDOR DEPENDENT command length. Affected versions include 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6 and earlier. Qualitative impact is memory exposure or unexpected behavior f...