VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Bluez
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-11-22
CVE-2024-8805
Unspecified vulnerability in Bluez 5.77
BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability.
low complexity
bluez
8.8
8.8
2022-09-02
CVE-2022-39176
BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.
low complexity
bluez
canonical
debian
8.8
8.8
2022-09-02
CVE-2022-39177
BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.
low complexity
bluez
canonical
debian
8.8
8.8
2022-03-10
CVE-2022-0204
Integer Overflow or Wraparound vulnerability in multiple products
A heap overflow vulnerability was found in bluez in versions prior to 5.63.
low complexity
bluez
fedoraproject
debian
CWE-190
8.8
8.8
2021-11-29
CVE-2019-8922
Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48.
low complexity
bluez
debian
CWE-787
8.8
8.8
2020-10-15
CVE-2020-27153
Double Free vulnerability in multiple products
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c.
network
low complexity
bluez
debian
opensuse
CWE-415
8.6
8.6
2020-03-12
CVE-2020-0556
Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access
low complexity
bluez
canonical
debian
opensuse
7.1
7.1
2017-06-09
CVE-2016-7837
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez
Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities.
local
low complexity
bluez
CWE-119
7.8
7.8
2016-12-08
CVE-2016-9917
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez 5.42
In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file.
network
low complexity
bluez
CWE-119
7.5
7.5