Vulnerabilities > Bluez > Bluez

DATE CVE VULNERABILITY TITLE RISK
2021-11-29 CVE-2019-8922 Out-of-bounds Write vulnerability in Bluez
A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48.
low complexity
bluez CWE-787
5.8
2021-11-29 CVE-2019-8921 Insufficient Verification of Data Authenticity vulnerability in Bluez
An issue was discovered in bluetoothd in BlueZ through 5.48.
low complexity
bluez CWE-345
3.3
2021-11-12 CVE-2021-41229 Resource Exhaustion vulnerability in multiple products
BlueZ is a Bluetooth protocol stack for Linux.
low complexity
bluez debian CWE-400
3.3
2021-11-04 CVE-2021-43400 Use After Free vulnerability in Bluez 5.61
An issue was discovered in gatt-database.c in BlueZ 5.61.
network
low complexity
bluez CWE-416
6.4
2021-06-10 CVE-2021-3588 Out-of-bounds Read vulnerability in Bluez
The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.
local
low complexity
bluez CWE-125
2.1
2021-06-09 CVE-2021-0129 Incorrect Authorization vulnerability in multiple products
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
low complexity
bluez redhat debian CWE-863
2.7
2021-02-02 CVE-2020-24490 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez
Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access.
low complexity
bluez CWE-119
3.3
2020-11-23 CVE-2020-12352 Information Exposure vulnerability in multiple products
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
low complexity
bluez canonical CWE-200
3.3
2020-10-15 CVE-2020-27153 Double Free vulnerability in Bluez
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c.
network
low complexity
bluez CWE-415
7.5
2020-03-12 CVE-2020-0556 Improper Privilege Management vulnerability in multiple products
Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access
5.8