
11 matches found

RedhatCVE
added 2026/01/09 8:57 a.m. · 1 views

CVE-2023-4424

A malicious BLE device can cause a buffer overflow by sending a malformed advertising packet to a BLE device using Zephyr OS, leading to DoS or potential RCE on the victim BLE device...

8.8 CVSS · 7.4 AI score · 0.00135 EPSS
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2023-54286

Malicious code in bioql PyPI...

8.8 CVSS · 8.8 AI score · 0.00135 EPSS
Exploits 0 · References 1
Veracode
added 2024/07/04 4:6 p.m. · 11 views

NULL Pointer Dereference

libzephyr.so is vulnerable to NULL Pointer Dereference. The vulnerability is due to a malicious BLE device sending a specific order of packet sequences to cause a DoS attack on the victim BLE device...

6.5 CVSS · 6.7 AI score · 0.00174 EPSS
Exploits 1 · References 2 · Affected Software 1
NVD
added 2024/07/03 5:15 p.m. · 13 views

CVE-2024-3332

A malicious BLE device can send a specific order of packet sequence to cause a DoS attack on the victim BLE device...

6.5 CVSS · 0.00174 EPSS
Exploits 1 · References 1
CVE
added 2024/07/03 4:44 p.m. · 55 views

CVE-2024-3332

CVE-2024-3332 describes a vulnerability where a malicious Bluetooth Low Energy device can trigger a specific packet sequence that leads to a denial-of-service (DoS) on the victim BLE device. Multiple sources tie this to a null pointer dereference in Zephyr OS components (notably libzephyr.so) and...

6.5 CVSS · 6.4 AI score · 0.00174 EPSS
Exploits 1 · References 1 · Affected Software 1
Cvelist
added 2024/07/03 4:44 p.m. · 17 views

CVE-2024-3332 bt: host/smp: DoS caused by null pointer dereference

A malicious BLE device can send a specific order of packet sequence to cause a DoS attack on the victim BLE device...

6.5 CVSS · 0.00174 EPSS
Exploits 1 · References 1
Vulnrichment
added 2024/07/03 4:44 p.m. · 11 views

CVE-2024-3332 bt: host/smp: DoS caused by null pointer dereference

A malicious BLE device can send a specific order of packet sequence to cause a DoS attack on the victim BLE device...

6.5 CVSS · 7 AI score · 0.00174 EPSS
Exploits 1 · References 1
Positive Technologies
added 2024/03/28 12:0 a.m. · 2 views

PT-2024-23613 · Unknown · Zephyr Rtos

Name of the Vulnerable Software and Affected Versions: Zephyr RTOS versions prior to 3.6
Description: The issue allows a malicious BLE device to crash a BLE victim device by sending a malformed GATT packet. This can be exploited for local attacks. Network segmentation can help mitigate the risk...

6.8 CVSS · 7.1 AI score · 0.00148 EPSS
Exploits 1 · References 6
Veracode
added 2023/11/22 8:23 a.m. · 10 views

Denial of Service (DoS)

libzephyr.so is vulnerable to Denial of Service (DoS). The vulnerability is caused by the le_advertising_report function in /subsys/bluetooth/controller/hci/hci.c because an advertising packet is not processed properly when copying data. The root cause of the issue is an integer overflow while storing ...

8.8 CVSS · 7.5 AI score · 0.00135 EPSS
Exploits 0 · References 9 · Affected Software 1
CVE
added 2023/11/21 6:42 a.m. · 32 views

CVE-2023-4424

CVE-2023-4424 affects Zephyr OS Bluetooth: a malicious BLE device can trigger a buffer overflow by sending malformed advertising packets, potentially causing DoS or remote code execution on the victim device. The issue is linked to the HCI Bluetooth controller path (le_advertising_report) and ste...

8.8 CVSS · 8.9 AI score · 0.00135 EPSS
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2020/05/18 4:20 a.m. · 16 views

CVE-2020-12860

COVIDSafe through v1.0.17 allows a remote attacker to access phone name and model information because a BLE device can have four roles and COVIDSafe uses all of them. This allows for re-identification of a device, and potentially identification of the owner's name...

5.3 AI score · 0.00301 EPSS
Exploits 0 · References 2