BOSCH-SA-200802: Multiple vulnerabilities were discovered in the open source library \"libexpat\", affecting the XML parser functionality. These vulnerabilities allow for integer overflows and invalid negative values for buffer sizes. As this may affect the \"Import\" and \"Restore\" functionality - which use libexpat to parse XML files - of the device, …
BOSCH-SA-981803-BT: A vulnerability was discovered during internal testing of the Bosch Configuration Manager, which may temporarily store sensitive information of the configured system.
BOSCH-SA-659648-BT: A vulnerability was discovered in internal testing of Bosch IP cameras of families CPP13 and CPP14, that allows an unauthenticated attacker to retrieve video analytics event data. No video data is leaked through this vulnerability.
BOSCH-SA-587194-BT: DIVAR IP System Manager is a central user interface that provides an easy system setup, configuration and application software upgrades through an easily accessible web-based application. Multiple Curl vulnerabilities in the Git for Windows component have been discovered in DIVAR IP System Manager versions prior to 2.3.2, affecting several …
BOSCH-SA-248444: The Qualys Threat Research Unit (TRU) has discovered a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems. The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems; that …
BOSCH-SA-466062: When running Defensics test case #SMP legacy 1001 with loop mode on DUT configured as resolvable private address, after a while, the device will end up generating unresolvable random private address causing Denial of Service for already bonded peer devices. The potential vulnerability can impact Bluetooth® Low Energy devices …