BT: Unchecked user input in bap_broadcast_assistant
BT: Encryption procedure host vulnerability
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.
BT: Classic: SDP OOB access in get_att_search_list
BT: Missing Check in LL_CONNECTION_UPDATE_IND Packet Leads to Division by Zero
In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow.
BT:Classic: Multiple missing buf length checks
A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, bt_sdp_parse_attribute() accepts an input buffer once it c
No proper validation of the length of user input in http_server_get_content_type_from_extension.
Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent acces
Possible out of bound access in audio module due to lack of validation of user provided input.
The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. Due to insufficient validat
Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan.
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.99.
Due to improper input validation, a buffer overflow vulnerability is present in
Zigbee EZSP Host Applications. If the buffer overflows, stack corruption is possible. In certain
conditions, this cou
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.
There is a command injection vulnerability that may allow an attacker to inject malicious input on the device's operating system.
In multiple functions of btm_ble_sec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remote (proximal/adjacent) information disclosure with no addit
Information disclosure while handling beacon probe frame during scan entry generation in client side.
Improper verification of intent by SystemExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.
Page 1+ Next →