Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bluetooth bluetooth core specification vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2023-24023
Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 up to and including 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injecti...
Bluetooth Bluetooth Core Specification
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
Microsoft Windows Server 2022 23h2
Microsoft Windows 10 21h2
Microsoft Windows 10 1809
Microsoft Windows Server 2019
Microsoft Windows Server 2022
1 Github repository
1 Article
4.3
CVSSv3
CVE-2022-24695
Bluetooth Classic in Bluetooth Core Specification up to and including 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetoot...
Bluetooth Bluetooth Core Specification
7.5
CVSSv3
CVE-2022-25836
Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when the MITM negotiates Legacy Passkey Pairing with the pairing Initiator and Secure Connect...
Bluetooth Bluetooth Core Specification
7.5
CVSSv3
CVE-2022-25837
Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the other BR/EDR Legacy PIN cod...
Bluetooth Bluetooth Core Specification
4.3
CVSSv3
CVE-2020-35473
An information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4.0 up to and including 5.2, and extended scan response in Bluetooth Core Specifications 5.0 up to and including 5.2, may be used to identify devices usin...
Bluetooth Bluetooth Core Specification
6.4
CVSSv3
CVE-2021-3573
A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blackl...
Linux Linux Kernel 5.13
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
5.5
CVSSv3
CVE-2021-38208
net/nfc/llcp_sock.c in the Linux kernel prior to 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.
Linux Linux Kernel
7.8
CVSSv3
CVE-2021-28691
Guest triggered use-after-free in Linux xen-netback A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malformed packet. Such kernel thread...
Linux Linux Kernel
Netapp Cloud Backup -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
5.3
CVSSv3
CVE-2021-31615
Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 up to and including 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening device before the transmitting device initiates its packet transmission...
Bluetooth Bluetooth Core Specification
4.7
CVSSv3
CVE-2021-33624
In kernel/bpf/verifier.c in the Linux kernel prior to 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
Linux Linux Kernel
Debian Debian Linux 9.0
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »