Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bt vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2015-8735
The get_value function in epan/dissectors/packet-btatt.c in the Bluetooth Attribute (aka BT ATT) dissector in Wireshark 2.0.x prior to 2.0.1 uses an incorrect integer data type, which allows remote malicious users to cause a denial of service (invalid write operation and applicat...
Wireshark Wireshark 2.0.0
1 EDB exploit
7.8
CVSSv3
CVE-2021-35129
Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure an...
Qualcomm Ar8035 Firmware -
Qualcomm Ipq5010 Firmware -
Qualcomm Ipq5018 Firmware -
Qualcomm Ipq5028 Firmware -
Qualcomm Qca2062 Firmware -
Qualcomm Qca2064 Firmware -
Qualcomm Qca2065 Firmware -
Qualcomm Qca2066 Firmware -
Qualcomm Qca6391 Firmware -
Qualcomm Qca8081 Firmware -
Qualcomm Qca8337 Firmware -
Qualcomm Qcc710 Firmware -
Qualcomm Qcm6490 Firmware -
Qualcomm Qcn6023 Firmware -
Qualcomm Qcn6024 Firmware -
Qualcomm Qcn6100 Firmware -
Qualcomm Qcn6102 Firmware -
Qualcomm Qcn6112 Firmware -
Qualcomm Qcn6122 Firmware -
Qualcomm Qcn6132 Firmware -
Qualcomm Qcn9000 Firmware -
Qualcomm Qcn9012 Firmware -
NA
CVE-2006-6540
SQL injection vulnerability in bt-trackback.php in Bluetrait prior to 1.2.0, when trackback is enabled, allows remote malicious users to execute arbitrary SQL commands via unspecified parameters. NOTE: some of these details are obtained from third party information.
Bluetrait Bluetrait 0.3.6
Bluetrait Bluetrait 0.3.9
Bluetrait Bluetrait 0.5 Beta2
Bluetrait Bluetrait 0.5.1
Bluetrait Bluetrait 0.4.5
Bluetrait Bluetrait
Bluetrait Bluetrait 0.4.7
Bluetrait Bluetrait 1.1.0
Bluetrait Bluetrait 0.3.7
Bluetrait Bluetrait 0.4.6
Bluetrait Bluetrait 0.5.3
Bluetrait Bluetrait 0.4.3
Bluetrait Bluetrait 1.0.0
Bluetrait Bluetrait 0.4.8 Beta1
Bluetrait Bluetrait 0.4
Bluetrait Bluetrait 0.3.5
Bluetrait Bluetrait 0.4.10
Bluetrait Bluetrait 0.4.2
Bluetrait Bluetrait 0.4.9
Bluetrait Bluetrait 0.5.2
Bluetrait Bluetrait 0.3.2
Bluetrait Bluetrait 0.3.10
9.8
CVSSv3
CVE-2020-25283
An issue exists on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. BT manager allows malicious users to bypass intended access restrictions on a certain mode. The LG ID is LVE-SMP-200021 (September 2020).
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
9.8
CVSSv3
CVE-2022-26447
In BT firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784478; Issue ID: ALPS06784478.
Google Android 10.0
Google Android 11.0
Google Android 12.0
Yoctoproject Yocto 3.1
5.5
CVSSv3
CVE-2023-20929
In sendHalfSheetCancelBroadcast of HalfSheetActivity.java, there is a possible way to learn nearby BT MAC addresses due to an unrestricted broadcast intent. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not nee...
Google Android 13.0
NA
CVE-2015-2043
Multiple cross-site scripting (XSS) vulnerabilities in Visualware MyConnection Server 8.2b allow remote malicious users to inject arbitrary web script or HTML via the (1) bt, (2) variable, or (3) et parameter to myspeed/db/historyitem.
Visualware Myconnection Server 8.2b
6.5
CVSSv3
CVE-2018-16265
The bt/bt_core system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations. This affects Tizen prior to 5.0 M1, and Tizen-based firmwares including Samsung...
Linux Tizen 1.0
Linux Tizen 2.0
Linux Tizen 2.1
Linux Tizen 2.2
Linux Tizen 2.2.1
Linux Tizen 2.3
Linux Tizen 2.3.1
Linux Tizen 2.4
Linux Tizen 3.0
Linux Tizen 4.0
Linux Tizen 5.0
6.5
CVSSv3
CVE-2021-3436
BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known. Zephyr versions >= 1.14.2, >= 2.4.0, >= 2.5.0 contain Use of Multiple Resources with Duplicate Identifier (CWE-694). For more information, see https:...
Zephyrproject Zephyr 1.14.2
Zephyrproject Zephyr 2.5.0
Zephyrproject Zephyr 2.4.0
5.9
CVSSv3
CVE-2023-35867
An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated malicious user to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. throu...
Bosch Building Integration System Video Engine
Bosch Bosch Video Management System
Bosch Video Management System Viewer
Bosch Configuration Manager
Bosch Divar Ip 7000 R2 Firmware
Bosch Divar Ip All-in-one 4000 Firmware
Bosch Divar Ip All-in-one 5000 Firmware
Bosch Divar Ip All-in-one 6000 Firmware
Bosch Divar Ip All-in-one 7000 Firmware
Bosch Divar Ip All-in-one 7000 R3 Firmware
Bosch Intelligent Insights
Bosch Onvif Camera Event Driver Tool
Bosch Project Assistant
Bosch Video Security Client
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »