Lucene search
K

61 matches found

AlmaLinux
AlmaLinux
added 2021/11/02 7:46 a.m.22 views

bluez bug fix and enhancement update

The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts AlmaLinux, and pcmcia configuration files. Bug Fixes and Enhancements: Dell 8.4 BUG Bluetooth keyboard paired and connected but does not work on...

7AI score
Exploits0
OSV
OSV
added 2021/09/30 11:3 a.m.4 views

OESA-2021-1370 bluez security update

This package provides all utilities for use in Bluetooth applications. The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A. Security Fixes: bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a devic...

6.5CVSS6.8AI score0.00795EPSS
Exploits0References2
Fedora
Fedora
added 2021/08/02 1:5 a.m.39 views

[SECURITY] Fedora 34 Update: bluez-5.60-2.fc34

Utilities for use in Bluetooth applications: - avinfo - bluemoon - bluetoothctl - bluetoothd - btattach - btmon - hex2hcd - l2ping - l2test - mpris-proxy - rctest The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A...

6.5CVSS2.8AI score0.00795EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2021/07/28 12:0 a.m.33 views

CVE-2021-3658

bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the bluetooth stack to...

6.5CVSS6.8AI score0.00795EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2021/07/27 2:25 a.m.68 views

CVE-2021-3658

bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the bluetooth stack to...

6.5CVSS4.1AI score0.00795EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/07/27 12:0 a.m.5 views

bluez 安全漏洞

BlueZ is a Bluetooth protocol stack written in C. It is primarily used to provide support for the core Bluetooth layers and protocols. A security vulnerability exists in bluez that stems from the fact that bluez's bluetoothd incorrectly saves the discoverable state of the adapter when the device ...

6.5CVSS6.6AI score0.00795EPSS
Exploits0References12
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.33 views

Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2019-1378)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.1AI score0.07774EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2019/02/25 12:0 a.m.8 views

PT-2019-6134 · Bluez +2 · Bluez +2

Name of the Vulnerable Software and Affected Versions: BlueZ versions through 5.48 Description: A heap-based buffer overflow was discovered in the bluetoothd component of BlueZ. The issue is caused by the lack of size checks when appending data to the output buffer in the service attr req functio...

9.1CVSS7AI score0.01808EPSS
Exploits4References70
Veracode
Veracode
added 2019/01/15 9:18 a.m.32 views

Information Disclosure

bluez is vulnerable to information disclosure attacks. The vulnerability exists as all versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory...

6.5CVSS6AI score0.07774EPSS
Exploits3References10Affected Software1
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.40 views

Apple iOSmacOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport

Apple iOSmacOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport / IOHIDResourceQueue inherits from IOSharedDataQueue and adds its own ::enqueueReport method, which seems to be mostly copy-pasted from IOSharedDataQueue and IODataQueue's ::enqueue methods. I...

9.3CVSS0.7AI score0.03424EPSS
Exploits2
exploitpack
exploitpack
added 2018/02/28 12:0 a.m.13 views

Apple iOS 11.2.5 watchOS 4.2.2 tvOS 11.2.5 - bluetoothd Memory Corruption

Apple iOS 11.2.5 watchOS 4.2.2 tvOS 11.2.5 - bluetoothd Memory Corruption // // main.m // bluetoothdPoC // // Created by Rani Idan. // Copyright © 2018 zLabs. All rights reserved. // import "AppDelegate.h" include extern kernreturnt bootstraplookupmachportt bs, const char servicename, machportt...

Exploits0
Exploit DB
Exploit DB
added 2018/02/28 12:0 a.m.38 views

Apple iOS 11.2.5 / watchOS 4.2.2 / tvOS 11.2.5 - 'bluetoothd' Memory Corruption

// // main.m // bluetoothdPoC // // Created by Rani Idan. // Copyright © 2018 zLabs. All rights reserved. // import "AppDelegate.h" include extern kernreturnt bootstraplookupmachportt bs, const char servicename, machportt service; / When hijacking session between bluetoothd and client, add callba...

7.4AI score
Exploits0
Debian
Debian
added 2017/09/21 9:1 p.m.37 views

[SECURITY] [DLA 1103-1] bluez security update

Package : bluez Version : 4.99-2+deb7u1 CVE ID : CVE-2017-1000250 Debian Bug : 875633 The SDP server in BlueZ is vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the...

6.5CVSS7.2AI score0.07774EPSS
Exploits3
NVD
NVD
added 2017/09/12 5:29 p.m.17 views

CVE-2017-1000250

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests...

6.5CVSS6.4AI score0.07774EPSS
Exploits3References9
Prion
Prion
added 2017/09/12 5:29 p.m.20 views

Information disclosure

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests...

3.3CVSS6.3AI score0.07774EPSS
Exploits3References9Affected Software1
CVE
CVE
added 2017/09/12 5:0 p.m.387 views

CVE-2017-1000250

CVE-2017-1000250 affects the BlueZ Bluetooth stack SDP server. All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information-disclosure flaw in the processing of SDP search attribute requests, allowing a proximate attacker to read portions of bluetoothd process memory ...

6.5CVSS6.4AI score0.07774EPSS
Exploits3References9Affected Software1
Cvelist
Cvelist
added 2017/09/12 5:0 p.m.34 views

CVE-2017-1000250

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests...

6.5AI score0.07774EPSS
Exploits3References8
AlpineLinux
AlpineLinux
added 2017/09/12 5:0 p.m.20 views

CVE-2017-1000250

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests...

6.5CVSS6.7AI score0.07774EPSS
Exploits3
Debian CVE
Debian CVE
added 2017/09/12 5:0 p.m.26 views

CVE-2017-1000250

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests...

6.5CVSS6.6AI score0.07774EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2017/09/12 1:24 p.m.27 views

CVE-2017-1000250

An information-disclosure flaw was found in the bluetoothd implementation of the Service Discovery Protocol SDP. A specially crafted Bluetooth device could, without prior pairing or user interaction, retrieve portions of the bluetoothd process memory, including potentially sensitive information...

6.5CVSS2.5AI score0.07774EPSS
Exploits3References2
Rows per page
Query Builder