77 matches found
EUVD-2020-3890
Malware in sbrugna...
EUVD-2023-43716
Malicious code in bioql PyPI...
EUVD-2023-58627
Malicious code in bioql PyPI...
EUVD-2025-23489
Malicious code in bioql PyPI...
EUVD-2023-51036
Malicious code in bioql PyPI...
Google Android Information Disclosure Vulnerability (CNVD-2025-23028)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability caused by an insecure default value flaw in the generateRandomPasword function in LocalBluetoothLeBroadcast.java. An attacker can exploit the leak to obtai...
CVE-2025-32330
In generateRandomPassword of LocalBluetoothLeBroadcast.java, there is a possible way to intercept the Auracast audio stream due to an insecure default value. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not...
CVE-2025-32330
In generateRandomPassword of LocalBluetoothLeBroadcast.java, there is a possible way to intercept the Auracast audio stream due to an insecure default value. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not...
PT-2025-36040
Name of the Vulnerable Software and Affected Versions: LocalBluetoothLeBroadcast.java affected versions not specified Description: An issue exists in the generateRandomPassword function of LocalBluetoothLeBroadcast.java that may allow interception of the Auracast audio stream due to an insecure...
CVE-2025-9696 Use of Hard-coded Credentials in SunPower PVS6
The SunPower PVS6's BluetoothLE interface is vulnerable due to its use of hardcoded encryption parameters and publicly accessible protocol details. An attacker within Bluetooth range could exploit this vulnerability to gain full access to the device's servicing interface. This access allows the...
CVE-2025-20700
In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-20700
In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-20700
In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-20700
In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-3024
Forcing the Bluetooth LE stack to segment 'prepare write response' packets can lead to an out-of-bounds memory access...
CVE-2023-2683
A memory leak in the EFR32 Bluetooth LE stack 5.1.0 through 5.1.1 allows an attacker to send an invalid pairing message and cause future legitimate connection attempts to fail. A reset of the device immediately clears the error...
CVE-2020-27373
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to Plain text command over BLE...
CVE-2023-46870
extcap/nrfsnifferble.py, extcap/nrfsnifferble.sh, extcap/SnifferAPI/.py in Nordic Semiconductor nRF Sniffer for Bluetooth LE 3.0.0, 3.1.0, 4.0.0, 4.1.0, and 4.1.1 have set incorrect file permission, which allows attackers to do code execution via modified bash and python scripts...
CVE-2023-46870
extcap/nrfsnifferble.py, extcap/nrfsnifferble.sh, extcap/SnifferAPI/.py in Nordic Semiconductor nRF Sniffer for Bluetooth LE 3.0.0, 3.1.0, 4.0.0, 4.1.0, and 4.1.1 have set incorrect file permission, which allows attackers to do code execution via modified bash and python scripts...
CVE-2023-46870
The CVE concerns Nordic Semiconductor nRF Sniffer for Bluetooth LE (versions 3.0.0–4.1.1). A permissions misconfiguration in extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, and extcap/SnifferAPI/*.py can allow code execution by modifying these scripts. Public details in multiple sources con...