11 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3658
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered dow...
CVE-2022-45480
PC Keyboard WiFi & Bluetooth allows an attacker in a man-in-the-middle position between the server and a connected device to see all data including keypresses in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N...
CVE-2022-33734
Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission...
CVE-2022-33728
Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal...
CVE-2022-33728
Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal...
DEBIAN-CVE-2021-3658
bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the bluetooth stack to...
CVE-2021-0604
In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
CVE-2020-14292
In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport option in the GATT connection allows attackers to trick the application into establishing a connection over Bluetooth BR/EDR transport, which reveals the public Bluetooth address of the victim's phone...
CVE-2018-9588
In avdtscbhdlreport of avdtscbact.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges...
The vulnerability of the smp_process_keypress_notification function in the Android operating system, which allows a hacker to disclose protected information
The vulnerability of the smpprocesskeypressnotification function smpact.cc in the Android operating system is related to reading data beyond the buffer in memory. Exploiting this vulnerability could allow a remote attacker to disclose sensitive information using Bluetooth...
The vulnerability of the mca_ccb_hdl_req function in the Android operating system allows a hacker to disclose protected information.
The vulnerability of the mcaccbhdlreq function mcacact.cc in the Android operating system relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information using Bluetooth...