Vulnerabilities > Bluez

DATE CVE VULNERABILITY TITLE RISK
2022-10-21 CVE-2022-3637 Improper Resource Shutdown or Release vulnerability in Bluez
A vulnerability has been found in Linux Kernel and classified as problematic.
local
low complexity
bluez CWE-404
5.5
2022-10-17 CVE-2022-3563 Improper Resource Shutdown or Release vulnerability in Bluez
A vulnerability classified as problematic has been found in Linux Kernel.
low complexity
bluez CWE-404
5.7
2022-09-02 CVE-2022-39176 BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.
low complexity
bluez canonical debian
8.8
2022-09-02 CVE-2022-39177 BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.
low complexity
bluez canonical debian
8.8
2022-03-10 CVE-2022-0204 Integer Overflow or Wraparound vulnerability in multiple products
A heap overflow vulnerability was found in bluez in versions prior to 5.63.
8.8
2022-03-02 CVE-2021-3658 Incorrect Authorization vulnerability in multiple products
bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up.
low complexity
bluez fedoraproject CWE-863
3.3
2021-11-29 CVE-2019-8921 Insufficient Verification of Data Authenticity vulnerability in multiple products
An issue was discovered in bluetoothd in BlueZ through 5.48.
low complexity
bluez debian CWE-345
6.5
2021-11-29 CVE-2019-8922 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48.
low complexity
bluez debian CWE-787
8.8
2021-11-12 CVE-2021-41229 Memory Leak vulnerability in multiple products
BlueZ is a Bluetooth protocol stack for Linux.
low complexity
bluez debian CWE-401
6.5
2021-11-04 CVE-2021-43400 Use After Free vulnerability in multiple products
An issue was discovered in gatt-database.c in BlueZ 5.61.
network
low complexity
bluez debian CWE-416
critical
9.1