Vulnerabilities in Bluez 5.53

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2022-10-21 | CVE-2022-3637 | Improper Resource Shutdown or Release vulnerability in Bluez | A vulnerability has been found in Linux Kernel and classified as problematic. | local, low complexity, bluez, CWE-404 | 5.5 |
| 2022-10-17 | CVE-2022-3563 | Improper Resource Shutdown or Release vulnerability in Bluez | A vulnerability classified as problematic has been found in Linux Kernel. | low complexity, bluez, CWE-404 | 5.7 |
| 2022-09-02 | CVE-2022-39176 | BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len. | | low complexity, bluez, canonical, debian | 8.8 |
| 2022-09-02 | CVE-2022-39177 | BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c. | | low complexity, bluez, canonical, debian | 8.8 |
| 2022-03-10 | CVE-2022-0204 | Integer Overflow or Wraparound vulnerability in multiple products | A heap overflow vulnerability was found in bluez in versions prior to 5.63. | | 8.8 |
| 2022-03-02 | CVE-2021-3658 | Incorrect Authorization vulnerability in multiple products | bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. | low complexity, bluez, fedoraproject, CWE-863 | 3.3 |
| 2021-06-10 | CVE-2021-3588 | Out-of-bounds Read vulnerability in Bluez | The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading. | local, low complexity, bluez, CWE-125 | 3.3 |
| 2021-06-09 | CVE-2021-0129 | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | | low complexity, bluez, redhat, debian | 5.7 |
| 2020-10-15 | CVE-2020-27153 | Double Free vulnerability in multiple products | In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. | network, low complexity, bluez, debian, opensuse, CWE-415 | 7.5 |
| 2020-03-12 | CVE-2020-0556 | Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access | | low complexity, bluez, canonical, debian, opensuse | 5.8 |