Lucene search
K

370 matches found

CNVD
CNVD
added 2018/01/17 12:0 a.m.8 views

Google Android Kernel Bluez Elevation of Privilege Vulnerability

Android on Google Pixel and Nexus is an open source Linux-based operating system for the Google Pixel and Nexus smartphones developed by Google and the Open Handset Alliance OHA.Kernel Bluez is one of the Bluetooth protocol stacks. Kernel Bluez is one of the Bluetooth protocol stacks. An elevatio...

7.8CVSS7.3AI score0.0028EPSS
Exploits0References1
OSV
OSV
added 2017/10/10 9:29 p.m.2 views

DEBIAN-CVE-2017-15192

In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level...

7.5CVSS7.4AI score0.02427EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/09/15 12:0 a.m.9 views

The vulnerability in the implementation of the SDP protocol for Bluetooth driver of Windows operating systems allows attackers to carry out “man-in-the-middle” attacks.

The vulnerability of the SDP protocol implementation for Bluetooth drivers in Windows operating systems is related to incorrect security requirements. Exploiting this vulnerability allows a malicious actor to create a network interface and use it to execute a type of “man-in-the-middle” attack...

7.9CVSS7.4AI score0.02307EPSS
Exploits2References5
BDU FSTEC
BDU FSTEC
added 2017/09/15 12:0 a.m.6 views

The vulnerability of the L2CAP component of the Bluetooth protocol implementation allows a hacker to execute arbitrary code.

The vulnerability of the L2CAP component of the BlueZ software suite, which implements Bluetooth protocols, is related to buffer overflow attacks. Exploiting this vulnerability allows a remote attacker to control the size of the buffer and execute arbitrary code...

8CVSS7.6AI score0.16181EPSS
Exploits12References63Affected Software3
CNVD
CNVD
added 2017/09/13 12:0 a.m.6 views

Android BNEP Remote Code Execution Vulnerability

The Bluetooth Network Encapsulation Protocol BNEP is used to transfer data from another protocol stack via L2CAP. A remote code execution vulnerability exists in Android BNEP. The vulnerability is in the Bluetooth Network Encapsulation Protocol BNEP service, which allows Internet sharing over a...

8.8CVSS9.1AI score0.2285EPSS
Exploits13References1
RedHat Linux
RedHat Linux
added 2017/09/12 5:46 p.m.4 views

kernel: stack buffer overflow in the native Bluetooth stack

A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel CONFIGCCSTACKPROTECTOR=y, which is enabled on all architectures other tha...

8CVSS7.4AI score0.16181EPSS
Exploits12References8
The Hacker News
The Hacker News
added 2017/09/12 5:52 a.m.150 views

BlueBorne: Critical Bluetooth Attack Puts Billions of Devices at Risk of Hacking

If you are using a Bluetooth enabled device, be it a smartphone, laptop, smart TV or any other IoT device, you are at risk of malware attacks that can carry out remotely to take over your device even without requiring any interaction from your side. Security researchers have just discovered total...

8.3CVSS8.1AI score0.2285EPSS
Exploits28
OSV
OSV
added 2017/06/02 5:29 a.m.2 views

ALPINE-CVE-2017-9344

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value...

7.5CVSS6.8AI score0.02724EPSS
Exploits0References1
OSV
OSV
added 2017/04/12 10:59 a.m.3 views

DEBIAN-CVE-2016-7957

In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings...

7.5CVSS7.4AI score0.01699EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.6 views

The vulnerability of the Linux operating system allows a malicious individual to gain access to confidential information from the kernel’s stack memory.

The vulnerability exists in the Linux kernel’s Bluetooth protocol stack due to improper initialization of certain structures. Exploiting this vulnerability allows local users to access confidential information from the kernel’s stack memory by using a specially crafted application that utilizes...

1.9CVSS5.5AI score0.00368EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.48 views

SUSE SLES10 Security Update : kernel (SUSE-SU-2014:0536-1)

The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS kernel has been updated to fix various security issues and several bugs. The following security issues have been addressed : CVE-2011-2492: The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data...

7CVSS7.7AI score0.04707EPSS
Exploits14References138
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Affix Bluetooth Protocol Stack 3.1/3.2 Signed Buffer Index Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/13347/info A local signed buffer index vulnerability affects Affix Bluetooth Protocol Stack. This issue is due to a failure of the affected utility to properly handle user-supplied buffer size parameters. This issue may b...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Affix Bluetooth Protocol Stack 3.1/3.2 Signed Buffer Index Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/13347/info A local signed buffer index vulnerability affects Affix Bluetooth Protocol Stack. This issue is due to a failure of the affected utility to properly handle user-supplied buffer size parameters. This issue may b...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/08/27 7:18 p.m.6 views

Kernel: Bluetooth: HCI & L2CAP information leaks

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the 1 L2CAP or 2 HCI implementation...

1.9CVSS5.8AI score0.00368EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/07/10 3:49 a.m.2 views

Kernel: Bluetooth: RFCOMM - information leak

The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application...

1.9CVSS7.1AI score0.00368EPSS
Exploits0References4
OSV
OSV
added 2013/03/15 8:55 p.m.7 views

CVE-2012-6544

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the 1 L2CAP or 2 HCI implementation...

5.7AI score
Exploits0References11
Prion
Prion
added 2013/03/15 8:55 p.m.21 views

Information disclosure

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the 1 L2CAP or 2 HCI implementation...

1.9CVSS5.9AI score0.00368EPSS
Exploits0References11Affected Software2
UbuntuCve
UbuntuCve
added 2013/03/07 12:0 a.m.25 views

CVE-2012-6544

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the 1 L2CAP or 2 HCI implementation...

1.9CVSS5.9AI score0.00368EPSS
Exploits0References10
OSV
OSV
added 2013/03/07 12:0 a.m.5 views

UBUNTU-CVE-2012-6544

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the 1 L2CAP or 2 HCI implementation...

1.9CVSS5.8AI score0.00368EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2012/12/04 12:0 a.m.66 views

Ubuntu: Security Advisory (USN-1648-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.2CVSS7.1AI score0.00959EPSS
Exploits3References2
Rows per page
Query Builder