Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bluez vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2020-0556
Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access
Bluez Bluez
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
7
CVSSv3
CVE-2021-31440
This vulnerability allows local malicious users to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...
Linux Linux Kernel
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp Cloud Backup -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H300s Firmware -
3 Github repositories
7
CVSSv3
CVE-2021-32399
net/bluetooth/hci_request.c in the Linux kernel up to and including 5.12.2 has a race condition for removal of the HCI controller.
Linux Linux Kernel
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
7
CVSSv3
CVE-2020-15238
Blueman is a GTK+ Bluetooth Manager. In Blueman prior to 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower...
Blueman Project Blueman
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
6.8
CVSSv3
CVE-2017-8628
Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation of the Bluetooth stack, aka "Microsoft Bluetooth Driver Spoofing Vulner...
Microsoft Windows Server 2008 -
Microsoft Windows Rt 8.1
Microsoft Windows 7 -
Microsoft Windows 10 1703
Microsoft Windows 8.1
Microsoft Windows 10 1607
Microsoft Windows 10 -
Microsoft Windows 10 1511
2 Github repositories
6.7
CVSSv3
CVE-2021-3543
A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the system or escalate their privileges on the system.
Nitro Enclaves Project Nitro Enclaves
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
6.5
CVSSv3
CVE-2021-3658
bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the...
Bluez Bluez
Fedoraproject Fedora 34
6.5
CVSSv3
CVE-2019-8921
An issue exists in bluetoothd in BlueZ up to and including 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, result...
Bluez Bluez
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2021-41229
BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be...
Bluez Bluez 5.58
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-26141
An issue exists in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that s...
Alfa Awus036h Firmware 6.1316.1209
Cisco Meraki Gr10 Firmware
Cisco Meraki Gr60 Firmware
Cisco Meraki Mr20 Firmware
Cisco Meraki Mr30h Firmware
Cisco Meraki Mr33 Firmware
Cisco Meraki Mr36 Firmware
Cisco Meraki Mr42 Firmware
Cisco Meraki Mr42e Firmware
Cisco Meraki Mr44 Firmware
Cisco Meraki Mr45 Firmware
Cisco Meraki Mr46 Firmware
Cisco Meraki Mr46e Firmware
Cisco Meraki Mr52 Firmware
Cisco Meraki Mr53 Firmware
Cisco Meraki Mr53e Firmware
Cisco Meraki Mr55 Firmware
Cisco Meraki Mr56 Firmware
Cisco Meraki Mr70 Firmware
Cisco Meraki Mr74 Firmware
Cisco Meraki Mr76 Firmware
Cisco Meraki Mr84 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »