Lucene search
K

58 matches found

EUVD
EUVD
added 2026/06/24 4:30 p.m.8 views

EUVD-2026-38941

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc: Clear HCIUARTPROTOINIT on error When hciregisterdev fails in hciuartregisterdev HCIUARTPROTOINIT is not cleared before calling hu-proto-closehu and setting hu-hdev to NULL. This means incoming UART data will...

5.8AI score0.00172EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb – revert the use of devmkzalloc in btusb This change reverts to the behavior described in commit 98921dbd00c4e “Bluetooth: Use devmkzalloc in btusb.c file”. In btusbprobe, we use devmkzalloc to allocate the btusb...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/22 8:10 a.m.5 views

CVE-2025-4994

The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy BLE interface...

8.7CVSS5.9AI score0.00207EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.33 views

CVE-2026-43018 Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: fix potential UAF in hcileremoteconnparamreqevt hciconn lookup and field access must be covered by hdev lock in hcileremoteconnparamreqevt, otherwise it's possible it is freed concurrently. Extend the...

8.8CVSS0.00256EPSS
Exploits0References6
OSV
OSV
added 2026/05/01 2:14 p.m.4 views

CVE-2026-31771 Bluetooth: hci_event: move wake reason storage into validated event handlers

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: move wake reason storage into validated event handlers hcistorewakereason is called from hcieventpacket immediately after stripping the HCI event header but before hcieventfunc enforces the per-event minimum...

8.1CVSS5.8AI score0.00205EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/13 12:0 a.m.4 views

CVE-2026-31280

An issue in the Bluetooth RFCOMM service of Parani M10 Motorcycle Intercom v2.1.3 allows unauthorized attackers to cause a Denial of Service DoS via supplying crafted RFCOMM frames...

7.3AI score0.00398EPSS
Exploits0References3
NVD
NVD
added 2026/03/21 6:16 p.m.5 views

CVE-2026-2756

A security vulnerability has been detected in OmniPEMF NeoRhythm up to 20260308. This affects an unknown function of the component BLE Interface. Such manipulation leads to missing authentication. The attack can only be initiated within the local network. This attack is characterized by high...

5CVSS0.00276EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/21 5:32 p.m.4 views

CVE-2026-2756

A security vulnerability has been detected in OmniPEMF NeoRhythm up to 20260308. This affects an unknown function of the component BLE Interface. Such manipulation leads to missing authentication. The attack can only be initiated within the local network. This attack is characterized by high...

5CVSS5.2AI score0.00276EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/03/21 5:32 p.m.34 views

CVE-2026-2756 OmniPEMF NeoRhythm BLE missing authentication

A security vulnerability has been detected in OmniPEMF NeoRhythm up to 20260308. This affects an unknown function of the component BLE Interface. Such manipulation leads to missing authentication. The attack can only be initiated within the local network. This attack is characterized by high...

5CVSS0.00276EPSS
Exploits0References4
CVE
CVE
added 2026/03/21 5:32 p.m.9 views

CVE-2026-2756

CVE-2026-2756 affects OmniPEMF NeoRhythm via the BLE Interface. The vulnerability is described as allowing an attacker within the local network to manipulate the BLE component due to missing authentication. Exploitation is characterized as high complexity and difficult to achieve; no exploits or ...

5CVSS5.3AI score0.00276EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.6 views

PT-2026-26935

A security vulnerability has been detected in OmniPEMF NeoRhythm up to 20260308. This affects an unknown function of the component BLE Interface. Such manipulation leads to missing authentication. The attack can only be initiated within the local network. This attack is characterized by high...

5CVSS5.3AI score0.00276EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/02/06 8:2 p.m.6 views

CVE-2026-2065

A security flaw has been discovered in Flycatcher Toys smART Pixelator 2.0. Affected by this issue is some unknown functionality of the component Bluetooth Low Energy Interface. Performing a manipulation results in missing authentication. The attack can only be performed from the local network. T...

6.3CVSS5AI score0.00549EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/02/06 8:2 p.m.36 views

CVE-2026-2065 Flycatcher Toys smART Pixelator Bluetooth Low Energy missing authentication

A security flaw has been discovered in Flycatcher Toys smART Pixelator 2.0. Affected by this issue is some unknown functionality of the component Bluetooth Low Energy Interface. Performing a manipulation results in missing authentication. The attack can only be performed from the local network. T...

6.3CVSS0.00549EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/06 12:0 a.m.8 views

Flycatcher Toys smART Pixelator 访问控制错误漏洞

Flycatcher Toys smART Pixelator is a creative technology toy developed by the German company Flycatcher Toys. The Flycatcher Toys smART Pixelator 2.0 version has a security vulnerability related to access control, which stems from the lack of authentication for the Bluetooth low-power interface...

8.8CVSS6.6AI score0.00549EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/01/14 9:53 a.m.6 views

kernel: Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync

A flaw was found in the Linux kernel’s Bluetooth subsystem HCI. Specifically, in the function hciaclcreateconnsync and related path hcilecreateconnsync, a connection object in state BTOPEN that is still pending command submission may be freed prematurely, leading to a use-after-free condition. An...

5.7AI score0.00187EPSS
Exploits0References5
NVD
NVD
added 2025/10/15 8:15 a.m.5 views

CVE-2025-39982

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciaclcreateconnsync This fixes the following UFA in hciaclcreateconnsync where a connection still pending is command submission conn-state == BTOPEN maybe freed, also since this also can happen wi...

0.00187EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.34 views

EUVD-2025-6218

Malicious code in bioql PyPI...

7.2AI score0.00131EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-14318

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.0047EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:33 p.m.6 views

CVE-2022-20057

In btif, there is a possible memory corruption due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06271186; Issue ID: ALPS06271186...

6.5CVSS6.8AI score0.00123EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:16 p.m.6 views

CVE-2020-0138

In getelementattrrsp of btifrc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if bluetoothtbd were used, which it isn't in typical Android platforms, with no additional execution privileges needed. User interaction is not needed...

9.8CVSS8.1AI score0.01355EPSS
Exploits0References1
Rows per page
Query Builder