Lucene search
K

61 matches found

Tenable Nessus
Tenable Nessus
added 2022/03/02 12:0 a.m.32 views

EulerOS 2.0 SP9 : bluez (EulerOS-SA-2022-1286)

According to the versions of the bluez package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the...

8.8CVSS6.9AI score0.0143EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/03/02 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2022-1302)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.0143EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/02/26 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2022-1219)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.00795EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/02/26 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2022-1200)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.00795EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/25 12:0 a.m.38 views

EulerOS 2.0 SP10 : bluez (EulerOS-SA-2022-1200)

According to the versions of the bluez package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device ...

6.5CVSS6.7AI score0.00795EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2017-0350)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7AI score0.07774EPSS
Exploits3References5
RedhatCVE
RedhatCVE
added 2021/11/29 6:2 p.m.31 views

CVE-2019-8921

An issue was discovered in bluetoothd in BlueZ through version 5.48. The vulnerability lies in the handling of buffered data where it is possible to cause the server to return more bytes than the buffer actually holds, resulting in leaking arbitrary heap data...

6.5CVSS2.6AI score0.00936EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2021/11/29 5:57 p.m.35 views

CVE-2019-8922

A heap-based buffer overflow was discovered in bluetoothd in bluez through version 5.48. A missing check on whether there is enough space in the destination buffer can allow an attacker to exploit the vulnerability by crafting a request where the response is large enough to overflow the...

8.8CVSS4.3AI score0.0143EPSS
Exploits1References4
NVD
NVD
added 2021/11/29 8:15 a.m.22 views

CVE-2019-8921

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...

6.5CVSS0.00936EPSS
Exploits1References3
NVD
NVD
added 2021/11/29 8:15 a.m.19 views

CVE-2019-8922

A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...

8.8CVSS0.0143EPSS
Exploits1References3
OSV
OSV
added 2021/11/29 8:15 a.m.25 views

CVE-2019-8922

A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...

8.8CVSS8.8AI score
Exploits0References3
Prion
Prion
added 2021/11/29 8:15 a.m.22 views

Design/Logic Flaw

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...

3.3CVSS6.7AI score0.00936EPSS
Exploits1References3Affected Software2
UbuntuCve
UbuntuCve
added 2021/11/29 8:15 a.m.39 views

CVE-2019-8922

A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...

8.8CVSS7AI score0.0143EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2021/11/29 8:15 a.m.40 views

CVE-2019-8921

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...

6.5CVSS7AI score0.00936EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/11/29 12:0 a.m.35 views

Debian DLA-2827-1 : bluez - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2827 advisory. Several vulnerabilities were discovered in BlueZ, the Linux Bluetooth protocol stack. An attacker could cause a denial-of-service DoS or leak information...

8.8CVSS7.1AI score0.0143EPSS
Exploits3References10
Cvelist
Cvelist
added 2021/11/29 12:0 a.m.19 views

CVE-2019-8922

A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...

8.8AI score0.0143EPSS
Exploits1References3
CVE
CVE
added 2021/11/29 12:0 a.m.156 views

CVE-2019-8921

CVE-2019-8921 is a BlueZ Bluetooth stack vulnerability affecting bluetoothd, specifically in the SDP implementation. The issue arises from how SVC_ATTR_REQ is handled; by crafting a malicious CSTATE, an attacker could cause the server to return more bytes than the buffer can hold, leaking heap da...

6.5CVSS7.3AI score0.00936EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/11/29 12:0 a.m.26 views

CVE-2019-8921

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...

7.8AI score0.00936EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2021/11/29 12:0 a.m.17 views

CVE-2019-8922

A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer...

8.8CVSS8.9AI score0.0143EPSS
Exploits1
Debian CVE
Debian CVE
added 2021/11/29 12:0 a.m.28 views

CVE-2019-8921

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrar...

6.5CVSS6.3AI score0.00936EPSS
Exploits1
Rows per page
Query Builder