Vulnerabilities > Bluez
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-10 | CVE-2021-3588 | Out-of-bounds Read vulnerability in Bluez The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading. | 3.3 |
| 2021-06-09 | CVE-2021-0129 | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | 5.7 |
| 2021-02-02 | CVE-2020-24490 | Unspecified vulnerability in Bluez Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. low complexity bluez | 6.5 |
| 2020-10-15 | CVE-2020-27153 | Double Free vulnerability in multiple products In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. | 8.6 |
| 2020-03-12 | CVE-2020-0556 | Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access | 7.1 |
| 2019-01-28 | CVE-2018-10910 | Incorrect Authorization vulnerability in multiple products A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. | 3.3 |
| 2017-09-12 | CVE-2017-1000250 | Information Exposure vulnerability in Bluez All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. | 6.5 |
| 2017-06-09 | CVE-2016-7837 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities. | 7.8 |
| 2016-12-08 | CVE-2016-9917 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez 5.42 In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. | 7.5 |
| 2016-12-03 | CVE-2016-9804 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez 5.42 In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. | 5.3 |