Lucene search
K

40 matches found

Cvelist
Cvelist
added 2023/06/02 12:0 a.m.20 views

CVE-2022-24695

Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with...

4.8AI score0.00409EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2022/11/09 8:0 a.m.4 views

A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.

...

7.8CVSS6.4AI score0.00347EPSS
Exploits0
Prion
Prion
added 2021/12/15 7:15 p.m.12 views

Design/Logic Flaw

In the broadcast definition in AndroidManifest.xml, there is a possible way to set the A2DP bluetooth device connection state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

4.6CVSS7.6AI score0.00104EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/08/25 12:0 a.m.4 views

B. Braun SpaceCom2 访问控制错误漏洞

B. Braun SpaceCom2, a hardware device from B. Braun, is used to connect to external devices to record data in a patient data management system, PC or USB stick.An access control error vulnerability exists in previous versions of B. Braun SpaceCom2 012U000062, which stems from a lack of...

8.6CVSS5.7AI score0.011EPSS
Exploits0References6
CNVD
CNVD
added 2020/09/23 12:0 a.m.3 views

Denial of Service Vulnerability in Omron Small PLC Series CP1L (CNVD-2020-58493)

CP1L is Omron's compact PLC series, an all-in-one PLC with built-in pulse output, analog input/output, and serial communication functions. A denial of service vulnerability exists in Omron Small PLC Series CP1L, which can be exploited by attackers to cause a device connection to be interrupted...

6.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2020/04/28 3:41 p.m.3 views

kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver

An information-leak flaw was found in the Linux kernel's pcan USB driver. When a device using this driver connects to the system, the stack information is leaked to the CAN bus, a controller area network for automobiles. The highest threat with this vulnerability is breach of data confidentiality...

2.4CVSS6.8AI score0.00512EPSS
Exploits0References4
Citrix
Citrix
added 2019/12/06 12:0 a.m.5 views

Certificate chain no longer works correctly on Endpoint Management Server, devices fail to connect

You may notice that a certificate is soon to expire on Endpoint Management Server. After obtaining a new certificate, devices no longer connect. Inspecting the logs on the client show that there is now a certificate trust error, even though the new certificate is valid...

7.1AI score
Exploits0
NVD
NVD
added 2019/07/19 6:15 p.m.9 views

CVE-2019-12821

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. The QR-code follows an easily predictable pattern that depends only on the specific device ID of the robot vacuum cleaner. By generating a QR-code...

5.8CVSS5.2AI score0.00949EPSS
Exploits0References1
CVE
CVE
added 2019/07/19 5:20 p.m.156 views

CVE-2019-12821

The CVE concerns the Shenzhen Jisiwei i3 robot vacuum cleaner’s app 2.0. A QR code used to add a device to an account encodes the device ID using a predictable pattern (JSW + six digits). An attacker can generate a QR-code with a target device ID to connect an arbitrary device and gain full acces...

5.8CVSS5.2AI score0.00949EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.21 views

The vulnerability of the smsc75xx_bind processor in Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the smsc75xxbind implementation in Linux kernel drivers drivers/net/usb/smsc75xx.ko is related to a memory allocation error. Exploiting this vulnerability can allow an attacker to cause a service failure when connecting a SMSC75XX USB 2.0 Gigabit Ethernet device. This creates...

6.2CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.3 views

The vulnerability in the implementation of the photg210_udc_probe handler in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the photg210udcprobe implementation in the loaded module of the drivers/usb/gadget/udc/fotg210-udc.ko kernel of the Linux operating system is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting the FOTG210 UDC...

5.1CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.3 views

The vulnerability in the implementation of the hwarc_probe handler in the operating system kernel of Astra Linux allows a hacker to trigger a service failure.

The vulnerability in the implementation of the hwarcprobe function in the kernel of the Astra Linux operating system’s driver module drivers/uwb/hwa-rc.ko is related to a memory release error. In the hwarcprobe function, memory is allocated to hwarc, but this memory is not released correctly when...

6.2CVSS5.5AI score
Exploits0
OSV
OSV
added 2016/11/16 5:59 a.m.2 views

UBUNTU-CVE-2016-7915

The hidinputfield function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service out-of-bounds read by connecting a device, as demonstrated by a Logitech DJ receiver...

5.5CVSS6.7AI score0.01737EPSS
Exploits0References5
Cvelist
Cvelist
added 2016/11/16 4:49 a.m.27 views

CVE-2016-7915

The hidinputfield function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service out-of-bounds read by connecting a device, as demonstrated by a Logitech DJ receiver...

6.7AI score0.01737EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/11/03 8:6 a.m.6 views

kernel: HID: core: prevent out-of-bound readings

The hidinputfield function in 'drivers/hid/hid-core.c' in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service out-of-bounds read by connecting a device...

5.5CVSS7.2AI score0.01737EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2016/08/03 12:0 a.m.5 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the createpbuf function in the Bluetooth operating system component of the Android device is due to buffer overflow. Exploiting this vulnerability can allow an attacker to enhance their privileges by initiating device connection processes...

4.3CVSS7.7AI score0.00357EPSS
Exploits0References3Affected Software1
seebug.org
seebug.org
added 2015/09/15 12:0 a.m.10 views

OS X 10.10 Bluetooth TransferACLPacketToHW - Crash

No description provided by source. include include include include include include struct BluetoothCall uint64t args7; uint64t sizes7; uint64t index; ; int mainvoid / Finding vuln service / ioservicet service = IOServiceGetMatchingServicekIOMasterPortDefault,...

7.1AI score
Exploits0
CNVD
CNVD
added 2015/03/19 12:0 a.m.3 views

Android audio_policy app native app denial of service vulnerability

Google Android is an open source operating system based on Linux, mainly used in portable devices. The AudioPolicyManagerBase::getDeviceConnectionState function in Google Android ardware/libhardwarelegacy/audio/AudioPolicyManagerBase.cpp fails to correctly check for a null pointer, allowing a loc...

5.5CVSS6.5AI score0.00269EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2009/01/21 12:0 a.m.4 views

PT-2009-2915 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue allows attackers to execute arbitrary code through various means, including inserting CD-ROM or DVD media, connecting a USB or Firewire device, mapping a network drive, ...

7.2CVSS7.2AI score0.06283EPSS
Exploits0References4
Fedora
Fedora
added 2008/03/06 4:33 p.m.58 views

[SECURITY] Fedora 8 Update: synce-gnome-0.11-2.fc8

SynCE-GNOME is currently just a buzzword for an idea that eventually, will encapsulate multiple applications into one applet. At the moment, SynCE-GNOME as we know it only displays nice libnotify messages when a devi ce is connected or disconnected, and it prompts for a password if one is requi r...

10CVSS2AI score0.06778EPSS
Exploits1
Rows per page
Query Builder