Lucene search
K

17871 matches found

Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-10593 Remotely triggerable NULL-pointer dereference in Bluetooth LE Audio BAP unicast client QoS-state handling

The Zephyr Bluetooth LE Audio Basic Audio Profile BAP unicast client mishandles peer-supplied ASE state notifications. In unicastclientepqosstate subsys/bluetooth/audio/bapunicastclient.c, the handler writes attacker-controlled QoS fields interval, framing, phy, sdu, rtn, latency, pd through the...

6.5CVSS0.00175EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 5 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53276

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: ISO: Fix a use-after-free of the hciconn pointer In isosockrebindbc, the bis pointer is cached, then the socket lock is dropped: bis =...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 5 days ago3 views

Linux Distros Unpatched Vulnerability : CVE-2026-53208

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig net/bluetooth/l2capcore.c:l2capsigchannel accepts BR/EDR signaling packets up to the channel MTU a...

5.5CVSS5.9AI score0.00176EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 5 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53253

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control...

7.1CVSS5.8AI score0.00274EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 5 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53256

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: RFCOMM: hold listener socket in rfcommconnectind rfcommgetsockbychannel scans rfcommsklist under the list lock, but returns the selected listener aft...

8CVSS5.8AI score0.00266EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 6 days ago5 views

Bluetooth: bnep: reject short frames before parsing

...

7.1CVSS5.8AI score0.00274EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 6 days ago6 views

Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend

...

7.8CVSS5.8AI score0.00138EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 6 days ago5 views

Bluetooth: RFCOMM: validate skb length in MCC handlers

...

8.1CVSS5.8AI score0.00283EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 6 days ago11 views

Chromium: CVE-2026-13035 Use after free in Bluetooth

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.8AI score0.00215EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 6 days ago8 views

SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2026:2658-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2658-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: -...

9.8CVSS7.1AI score0.0055EPSS
Exploits8References92
RedhatCVE
RedhatCVE
added last week6 views

CVE-2026-53209

A flaw was found in the Bluetooth subsystem of the Linux kernel, specifically within the hcisync component. This vulnerability occurs when the hciadvbcastannoucement function attempts to prepend Broadcast Announcement service data to an existing advertising payload that is already at its maximum...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added last week7 views

CVE-2026-53251

A flaw was found in the Linux kernel's Bluetooth subsystem. The hcigetroute function, used in the ISO Isochronous Stream connection handling, fails to release a reference-counted hcidev pointer. This resource leak could lead to a Denial of Service DoS condition...

5.5CVSS5.8AI score0.00175EPSS
Exploits0References4
OSV
OSV
added last week3 views

SUSE-SU-2026:2638-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...

9.8CVSS5.9AI score0.00463EPSS
Exploits1References45
SUSE CVE
SUSE CVE
added 2026/06/26 2:8 a.m.6 views

SUSE CVE-2026-53253

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...

7.1CVSS5.8AI score0.00274EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 1:22 a.m.8 views

CVE-2026-53252

A flaw was found in the Linux kernel's Bluetooth subsystem. Specifically, an issue in the error handling path of the hciallocdev function within the Bluetooth Host Controller Interface HCI Universal Asynchronous Receiver/Transmitter UART configuration can lead to a memory leak. This occurs when...

5.5CVSS5.8AI score0.00189EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 1:7 a.m.6 views

CVE-2026-53255

A flaw was found in the Linux kernel's Bluetooth Management MGMT component. A remote attacker could exploit this by providing specially crafted advertising data, leading to an out-of-bounds read vulnerability. This occurs because the system incorrectly validates the length of advertising data...

5.5CVSS5.9AI score0.00172EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 12:37 a.m.7 views

CVE-2026-53254

A flaw was found in the Linux kernel's Bluetooth RFCOMM Radio Frequency Communication subsystem. A malicious remote device could exploit this vulnerability by sending specially crafted, truncated Multiplexing Control Channel MCC frames. This lack of proper validation of incoming data length befor...

8.1CVSS5.8AI score0.00283EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.6 views

AlmaLinux 10 : kernel (ALSA-2026:27288)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:27288 advisory. kernel: can: isotp: fix tx.buf use-after-free in isotpsendmsg CVE-2026-31474 kernel: mptcp: fix slab-use-after-free in inetlookupestablished...

9.8CVSS6.8AI score0.004EPSS
Exploits9References17
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.8 views

Oracle Linux 9 : kernel (ELSA-2026-27789)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-27789 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177392 CVE-2026-46331 - scsi: qla2xxx: Completely fix fcport doub...

9.8CVSS7.2AI score0.00563EPSS
Exploits13References18
RedhatCVE
RedhatCVE
added 2026/06/25 11:53 p.m.6 views

CVE-2026-53208

A flaw was found in the Linux kernel's Bluetooth subsystem. A remote attacker within radio range, before pairing, can send specially crafted Bluetooth BR/EDR Basic Rate/Enhanced Data Rate signaling packets that exceed the maximum transmission unit MTU for signaling. This improper handling of...

7CVSS5.9AI score0.00176EPSS
Exploits0References4
Rows per page
Query Builder