Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bluetooth bluetooth core specification vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2021-33034
In the Linux kernel prior to 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
Linux Linux Kernel
Fedoraproject Fedora 34
Debian Debian Linux 9.0
2.1
CVSSv2
CVE-2021-3564
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3....
Linux Linux Kernel
Fedoraproject Fedora 34
Debian Debian Linux 9.0
4.9
CVSSv2
CVE-2021-29650
An issue exists in the Linux kernel prior to 5.11.11. The netfilter subsystem allows malicious users to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, a...
Linux Linux Kernel
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
1 Github repository
6.9
CVSSv2
CVE-2021-3573
A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blackl...
Linux Linux Kernel 5.13
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
4.4
CVSSv2
CVE-2021-32399
net/bluetooth/hci_request.c in the Linux kernel up to and including 5.12.2 has a race condition for removal of the HCI controller.
Linux Linux Kernel
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
2.7
CVSSv2
CVE-2021-0129
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
Bluez Bluez
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Debian Debian Linux 9.0
4.7
CVSSv2
CVE-2021-33624
In kernel/bpf/verifier.c in the Linux kernel prior to 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
Linux Linux Kernel
Debian Debian Linux 9.0
1 Github repository
2.1
CVSSv2
CVE-2021-38208
net/nfc/llcp_sock.c in the Linux kernel prior to 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.
Linux Linux Kernel
6.9
CVSSv2
CVE-2020-26541
The Linux kernel up to and including 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
Linux Linux Kernel
5.6
CVSSv2
CVE-2021-3506
An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions prior to 5.12.0-rc4. A bounds check failure allows a local malicious user to gain access to out-of-bounds memory leading to a system crash or a leak of interna...
Linux Linux Kernel 5.12
Linux Linux Kernel
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »