bluez project bluez vulnerabilities and exploits

(subscribe to this query)

5.4

CVSSv2

hidd in BlueZ (bluez-utils) prior to 2.25 allows remote malicious users to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack.

Bluez Project Bluez

1 EDB exploit

7.5

CVSSv2

security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote malicious users to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper.

Bluez Project Bluez 2.18

5

CVSSv2

Buffer overflow in l2cap.c in hcidump 1.29 allows remote malicious users to cause a denial of service (crash) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet.

Bluez Project Hcidump 1.29

6.9

CVSSv2

Blueman is a GTK+ Bluetooth Manager. In Blueman prior to 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower...

Blueman Project Blueman Debian Debian Linux 9.0 Debian Debian Linux 10.0 Fedoraproject Fedora 31 Fedoraproject Fedora 32 Fedoraproject Fedora 33

7.2

CVSSv2

A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the system or escalate their privileges on the system.

Nitro Enclaves Project Nitro Enclaves Redhat Enterprise Linux 8.0 Fedoraproject Fedora 34

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook