threat
engine
.sh
Back
·
··:··
Home
/
Product
/
intel connman
Product
intel connman
13 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-28488
>= 0.55 and <= 1.41
client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a
6.5
MEDIUM
CVE-2022-32293
<= 1.41
In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR
8.1
HIGH
CVE-2022-32292
<= 1.41
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer
9.8
CRITICAL
CVE-2022-23098
<= 1.40
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no d
7.5
HIGH
CVE-2022-23097
<= 1.40
An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-o
9.1
CRITICAL
CVE-2022-23096
<= 1.40
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presen
9.1
CRITICAL
CVE-2021-26676
< 1.39
gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exp
6.5
MEDIUM
CVE-2021-26675
< 1.39
A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.
8.8
HIGH
CVE-2017-12865
<= 1.34
Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (cras
9.8
CRITICAL
CVE-2012-6459
all versions
ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attacke
CVE-2012-2322
<= 0.84
Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a den
CVE-2012-2321
<= 0.84
The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the
CVE-2012-2320
<= 0.84
ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote attackers to bypass inten
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin