43 matches found
ROS-20260129-73-0012
A vulnerability in the Audio Profile AVRCP component of the Bluetooth protocol stack for Linux BlueZ is related to reading outside the valid range. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...
Exploit for CVE-2025-36911
CVE-2025-36911 scanner Tests unauthenticated BR/EDR L2CAP con...
MiracleLinux 8 : bluez-5.63-5.el8_10.ML.1 (AXSA:2025-9877:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9877:01 advisory. BlueZ: Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability CVE-2023-27349 bluez: audio profile avrcp...
Unity Linux 20.1070e Security Update: bluez (UTSA-2025-680604)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680604 advisory. BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in...
EUVD-2023-56301
Malicious code in bioql PyPI...
EUVD-2023-31125
Malicious code in bioql PyPI...
ROS-20250930-02
A code vulnerability in the Audio Profile AVRCP component of the Bluetooth protocol stack for Linux BlueZ is related to a buffer overflow. buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to execute arbitrary code...
bluez security update
An update is available for bluez. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The bluez packages contain the following utilities for use in Bluetooth...
TencentOS Server 3: bluez (TSSA-2025:0353)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0353 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2021-39772
In Bluetooth, there is a possible way to access the a2dp audio control switch due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
BlueZ: Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability
A vulnerability was found in the BlueZ Audio Profile AVRCP, stemming from the improper validation of array indices. This flaw resides in the AVRCP protocol handling and arises due to inadequate validation of user-supplied data. Consequently, it may lead to writing beyond the bounds of an allocate...
Moderate: Red Hat Security Advisory: bluez security update
An update for bluez is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: bluez security update
The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts AlmaLinux, and pcmcia configuration files. Security Fixes: BlueZ: Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution...
Linux Distros Unpatched Vulnerability : CVE-2023-51592
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BlueZ Audio Profile AVRCP parsemediafolder Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to...
bluez: audio profile avrcp parse_media_element out-of-bounds read information disclosure vulnerability
A flaw was found within the handling of the AVRCP protocol in BlueZ. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect ...
BlueZ: Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability
A vulnerability was found in the BlueZ Audio Profile AVRCP, stemming from the improper validation of array indices. This flaw resides in the AVRCP protocol handling and arises due to inadequate validation of user-supplied data. Consequently, it may lead to writing beyond the bounds of an allocate...
CVE-2023-27349
A vulnerability was found in the BlueZ Audio Profile AVRCP, stemming from the improper validation of array indices. This flaw resides in the AVRCP protocol handling and arises due to inadequate validation of user-supplied data. Consequently, it may lead to writing beyond the bounds of an allocate...
AZL-40232 CVE-2023-51592 affecting package bluez 5.63-6
BlueZ Audio Profile AVRCP parsemediafolder Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability i...
DEBIAN-CVE-2023-51592
BlueZ Audio Profile AVRCP parsemediafolder Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability i...
CVE-2023-51589
BlueZ Audio Profile AVRCP parsemediaelement Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability ...