pkg:Debian/connman
26 total CVEsCRITICAL12HIGH5MEDIUM5
✅ Check your installed version
All known vulnerabilities
- from 0, < 1.36-2.1~deb10u3
- from 0, < 1.36-2.2+deb11u1
- from 0, < 1.33-3+deb9u3
- from 0, < 1.36-2.2
- from 0, < 1.21-1.2+deb8u1
- from 0, < 1.0-1.1+wheezy2
- from 0, < 1.35-1
- from 0, < 1.36-2.2+deb11u1
- from 0, < 1.36-2.1~deb10u4
- from 0, < 1.36-2.2+deb11u1
- from 0, < 1.36-2.2+deb11u1
- CRITICAL9.0CVE-2025-32743In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in…from 0
- from 0, < 1.36-2.1~deb10u1
- from 0, < 1.36-2.1
- from 0, < 1.33-3+deb9u2
- HIGH8.1CVE-2022-32293In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling,…from 0, < 1.36-2.2+deb11u1
- from 0, < 1.36-2.2+deb11u1
- from 0, < 1.36-2.2+deb11u2
- from 0, < 1.36-2.2+deb11u2
- from 0, < 1.36-2.1~deb10u5
- MEDIUM6.5CVE-2021-26676gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation…from 0, < 1.36-2.1
- MEDIUM4.8CVE-2025-32366In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and…from 0
- —CVE-2012-6459ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obt…from 0, < 1.0-1.1
- —CVE-2012-2322Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a denial of se…from 0, < 1.0-1
- —CVE-2012-2321The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) host…from 0, < 1.0-1
- —CVE-2012-2320ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote attackers to bypass intended acces…from 0, < 1.0-1