Vulnerabilities > Bluez
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2022-0204 | Out-of-bounds Write vulnerability in multiple products A heap overflow vulnerability was found in bluez in versions prior to 5.63. | 5.8 |
| 2022-03-02 | CVE-2021-3658 | Incorrect Authorization vulnerability in multiple products bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. | 3.3 |
| 2021-11-29 | CVE-2019-8921 | Insufficient Verification of Data Authenticity vulnerability in Bluez An issue was discovered in bluetoothd in BlueZ through 5.48. | 3.3 |
| 2021-11-29 | CVE-2019-8922 | Out-of-bounds Write vulnerability in Bluez A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. | 5.8 |
| 2021-11-12 | CVE-2021-41229 | Memory Leak vulnerability in multiple products BlueZ is a Bluetooth protocol stack for Linux. | 3.3 |
| 2021-11-04 | CVE-2021-43400 | Use After Free vulnerability in Bluez 5.61 An issue was discovered in gatt-database.c in BlueZ 5.61. | 6.4 |
| 2021-06-10 | CVE-2021-3588 | Out-of-bounds Read vulnerability in Bluez The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading. | 2.1 |
| 2021-06-09 | CVE-2021-0129 | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | 2.7 |
| 2021-02-02 | CVE-2020-24490 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. | 3.3 |
| 2020-11-23 | CVE-2020-12352 | Information Exposure vulnerability in multiple products Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access. | 3.3 |