VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Bluez
>
Bluez
> 5.53
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-10-21
CVE-2022-3637
Improper Resource Shutdown or Release vulnerability in Bluez
A vulnerability has been found in Linux Kernel and classified as problematic.
local
low complexity
bluez
CWE-404
5.5
5.5
2022-10-17
CVE-2022-3563
Improper Resource Shutdown or Release vulnerability in Bluez
A vulnerability classified as problematic has been found in Linux Kernel.
low complexity
bluez
CWE-404
5.7
5.7
2022-09-02
CVE-2022-39176
BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.
low complexity
bluez
canonical
debian
8.8
8.8
2022-09-02
CVE-2022-39177
BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.
low complexity
bluez
canonical
debian
8.8
8.8
2022-03-10
CVE-2022-0204
Integer Overflow or Wraparound vulnerability in multiple products
A heap overflow vulnerability was found in bluez in versions prior to 5.63.
low complexity
bluez
fedoraproject
debian
CWE-190
8.8
8.8
2022-03-02
CVE-2021-3658
Incorrect Authorization vulnerability in multiple products
bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up.
low complexity
bluez
fedoraproject
CWE-863
3.3
3.3
2021-06-10
CVE-2021-3588
Out-of-bounds Read vulnerability in Bluez
The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.
local
low complexity
bluez
CWE-125
3.3
3.3
2021-06-09
CVE-2021-0129
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
low complexity
bluez
redhat
debian
5.7
5.7
2020-10-15
CVE-2020-27153
Double Free vulnerability in multiple products
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c.
network
low complexity
bluez
debian
opensuse
CWE-415
7.5
7.5
2020-03-12
CVE-2020-0556
Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access
low complexity
bluez
canonical
debian
opensuse
5.8
5.8