CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

78 matches found

Microsoft CVE•added 2026/05/29 8:7 a.m.•7 views

Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt

...

8.1CVSS5.4AI score0.00277EPSS

Exploits0

Positive Technologies•added 2026/03/25 12:0 a.m.•5 views

PT-2026-36439

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth component where the hci cmd sync queue once function fails to indicate whether a queue item was added. This prevents the caller from knowing if callbacks...

5.5CVSS5.8AI score0.00107EPSS

Exploits0References16

EUVD•added 2026/01/10 9:46 a.m.•5 views

EUVD-2026-1849

Out-of-bounds Read vulnerability in Apache NimBLE HCI H4 driver. Specially crafted HCI event could lead to invalid memory read in H4 driver. This issue affects Apache NimBLE: through 1.8. This issue requires a broken or bogus Bluetooth controller and thus severity is considered low. Users are...

6.2AI score0.0033EPSS

Exploits0References4

CVE•added 2026/01/10 9:45 a.m.•15 views

CVE-2025-53477

CVE-2025-53477 is a NULL pointer dereference vulnerability in Apache NimBLE (NimBLE host HCI layer). The issue stems from missing validation of HCI connection complete or HCI command TX buffers, which can lead to a NULL pointer dereference when combined with disabled asserts and a malfunctioning ...

7.5CVSS6.8AI score0.00696EPSS

Exploits0References4Affected Software1

Cvelist•added 2025/11/17 5:21 p.m.•6 views

CVE-2025-64342 ESF-IDF's ESP32 Bluetooth Controller Has an Invalid Access Address Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address AA of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. In this case, the controller may incorrectly...

6.9CVSS0.00348EPSS

Exploits0References7

CVE•added 2025/11/04 3:19 a.m.•15 views

CVE-2025-47370

Technical details, affected product/versions, root cause, and fixes for CVE-2025-47370 are not publicly provided in the supplied documents. Monitor for updates from vendors/security bulletins.

6.5CVSS6.6AI score0.00106EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/11/04 3:19 a.m.•33 views

CVE-2025-47370 Reachable Assertion in BT Controller

Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan...

6.5CVSS0.00106EPSS

Exploits0References1

CVE•added 2025/10/09 3:18 a.m.•12 views

CVE-2025-47342

CVE-2025-47342 concerns Qualcomm chipsets where a transient denial-of-service can occur due to concurrency involving QHS and multi-profile configurations. The Red Hat/NVD/CVE records describe the issue as a transient DOS when multiple profiles are used concurrently with QHS enabled; the CVE List ...

7.1CVSS6.5AI score0.0015EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/10/09 3:18 a.m.•9 views

CVE-2025-47342 Use After Free in BT Controller

Transient DOS may occur when multi-profile concurrency arises with QHS enabled...

7.1CVSS0.0015EPSS

Exploits0References1