Lucene search
K

264 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:44 a.m.6 views

CVE-2024-47250

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI advertising report could lead to out-of-bound access when parsing HCI event and thus bogus GAP 'device found' events being sent. This issue requires broken or bogus Bluetooth controller and thus severity is...

5CVSS6.8AI score0.00664EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:44 a.m.6 views

CVE-2024-51569

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is...

7.5CVSS6.8AI score0.01155EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:49 a.m.13 views

CVE-2022-37930

A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays and HPE Nimble Storage Secondary Flash Arrays which could potentially allow local disclosure of sensitive information...

6.7CVSS6.8AI score0.00163EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:49 a.m.8 views

CVE-2022-37929

Improper Privilege Management vulnerability in Hewlett Packard Enterprise Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays...

6.7CVSS7AI score0.00145EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:42 p.m.9 views

CVE-2022-28618

A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays that could allow an attacker to execute arbitrary commands on a Nimble appliance. HPE has made the following...

9.8CVSS8.3AI score0.01765EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:28 p.m.9 views

CVE-2022-23705

A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays, and HPE Nimble Storage Secondary Flash Arrays which could potentially allow the upload, but not execution, of unauthorized update binaries to the array. HPE has made the...

7.5CVSS7.1AI score0.00999EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:40 p.m.10 views

CVE-2020-7138

Potential remote code execution security vulnerabilities have been identified with HPE Nimble Storage systems that could be exploited by an attacker to gain elevated privileges on the array. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerabilit...

8.8CVSS8.4AI score0.01808EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:7 p.m.6 views

CVE-2020-7139

Potential remote access security vulnerabilities have been identified with HPE Nimble Storage systems that could be exploited by an attacker to access and modify sensitive information on the system. The following NimbleOS versions, and all subsequent releases, contain a software fix for this...

8.1CVSS7AI score0.00877EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:58 a.m.5 views

CVE-2018-17387

CSRF exists in Nimble Messaging Bulk SMS Marketing Application 1.0 for adding an admin account...

8.8CVSS7.1AI score0.00911EPSS
Exploits1References1
Circl
Circl
added 2025/05/21 5:43 p.m.17 views

CVE-2025-46822

creationtimestamp| type| source ---|---|--- 2025-05-21 17:43:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17159 2025-05-25 10:39:38+00:00| seen| https://bsky.app/profile/nimblenerd.social/post/3lpyhte3hkr22 2025-05-26 21:02:17+00:00| seen|...

8.7CVSS7.3AI score0.03847EPSS
Exploits14References6
RedhatCVE
RedhatCVE
added 2025/02/05 8:43 p.m.12 views

CVE-2022-37928

Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays...

8CVSS6.9AI score0.00278EPSS
Exploits0
CNVD
CNVD
added 2024/12/06 12:0 a.m.8 views

Apache NimBLE Buffer Overflow Vulnerability

Apache NimBLE is an open source Bluetooth 5.4 stack host and controller from the Apache Foundation, USA, that completely replaces the proprietary SoftDevice on Nordic chipsets.It is part of the Apache Mynewt project. Apache NimBLE suffers from a buffer overflow vulnerability that can be exploited...

6.3CVSS7.4AI score0.00692EPSS
Exploits0References1
CNVD
CNVD
added 2024/12/06 12:0 a.m.10 views

Apache NimBLE Out-of-Bounds Read Vulnerability

Apache NimBLE is an open source Bluetooth 5.4 stack host and controller from the Apache Foundation, USA, that completely replaces the proprietary SoftDevice on Nordic chipsets.It is part of the Apache Mynewt project. An out-of-bounds read vulnerability exists in Apache NimBLE, which can be...

7.5CVSS6.6AI score0.01155EPSS
Exploits0References1
CNVD
CNVD
added 2024/12/06 12:0 a.m.5 views

Apache NimBLE out-of-bounds read vulnerability (CNVD-2024-47712)

Apache NimBLE is an open source Bluetooth 5.4 stack host and controller from the Apache Foundation, USA, that completely replaces the proprietary SoftDevice on Nordic chipsets.It is part of the Apache Mynewt project. An out-of-bounds read vulnerability exists in Apache NimBLE, which can be...

5CVSS6.6AI score0.00664EPSS
Exploits0References1
NVD
NVD
added 2024/11/26 12:15 p.m.14 views

CVE-2024-51569

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is...

7.5CVSS0.01155EPSS
Exploits0References3
NVD
NVD
added 2024/11/26 12:15 p.m.18 views

CVE-2024-47249

Improper Validation of Array Index vulnerability in Apache NimBLE. Lack of input validation for HCI events from controller could result in out-of-bound memory corruption and crash. This issue requires broken or bogus Bluetooth controller and thus severity is considered low. This issue affects...

5CVSS0.00597EPSS
Exploits0References3
NVD
NVD
added 2024/11/26 12:15 p.m.27 views

CVE-2024-47248

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Apache NimBLE. Specially crafted MESH message could result in memory corruption when non-default build configuration is used. This issue affects Apache NimBLE: through 1.7.0. Users are recommended to upgrade to...

6.3CVSS0.00692EPSS
Exploits0References3
NVD
NVD
added 2024/11/26 12:15 p.m.23 views

CVE-2024-47250

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI advertising report could lead to out-of-bound access when parsing HCI event and thus bogus GAP 'device found' events being sent. This issue requires broken or bogus Bluetooth controller and thus severity is...

5CVSS0.00664EPSS
Exploits0References4
OSV
OSV
added 2024/11/26 11:17 a.m.6 views

CVE-2024-51569 Apache NimBLE: Lack of input sanitization leading to out-of-bound reads in Number of Completed Packets HCI event handler

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is...

7.5CVSS6AI score0.01155EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/11/26 11:17 a.m.20 views

CVE-2024-51569 Apache NimBLE: Lack of input sanitization leading to out-of-bound reads in Number of Completed Packets HCI event handler

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is...

0.01155EPSS
Exploits0References2
Rows per page
Query Builder