Lucene search
+L

353 matches found

Vulnrichment
Vulnrichment
added 2024/09/13 6:50 p.m.15 views

CVE-2024-5754 BT: Encryption procedure host vulnerability

BT: Encryption procedure host vulnerability...

8.2CVSS7AI score0.0031EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/09/13 12:0 a.m.6 views

PT-2024-37410 · Unknown · Bt Classic

Name of the Vulnerable Software and Affected Versions: BT:Classic affected versions not specified Description: The issue concerns multiple missing buffer length checks. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-worl...

7.6CVSS7.3AI score0.00437EPSS
Exploits1References6
ICS
ICS
added 2024/09/10 6:0 a.m.18 views

BPL Medical Technologies PWS-01-BT and BPL Be Well Android Application

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION : Low attack complexity/public exploits are available Vendor : BPL Medical Technologies Equipment : PWS-01-BT, Be Well Android App Vulnerability : Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of...

5.1CVSS7.1AI score0.00658EPSS
Exploits0References10
OSV
OSV
added 2024/09/09 10:1 a.m.15 views

CLSA-2024-1725876080 kernel: Fix of 44 CVEs

dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist CVE-2024-40956 - userfaultfd: fix a race between writeprotect and exitmmap CVE-2021-47461 - netfilter: nftables: use timestamp to check for set element timeout CVE-2024-27397 - x86/sev: Harden VC instruction emulation somewhat...

7.8CVSS7AI score0.0094EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/26 11:20 a.m.46 views

CVE-2024-44939 jfs: fix null ptr deref in dtInsertEntry

In the Linux kernel, the following vulnerability has been resolved: jfs: fix null ptr deref in dtInsertEntry syzbot reported general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 1 PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range...

0.00225EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/08/07 12:0 a.m.36 views

SUSE SLED15: kernel-firmware / kernel-firmware-all / kernel-firmware-amdgpu / etc (SUSE-SU-2024:2785-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2785-1 advisory. Update to version 20240728: amdgpu: update DMCUB to v0.0.227.0 for DCN35 and DCN351 Revert...

4.7CVSS5.9AI score0.00428EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2024/07/30 8:15 a.m.14 views

CVE-2024-42137

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot Commit 272970be3dab "Bluetooth: hciqca: Fix driver shutdown on closed serdev" will cause below regression issue: BT can't be enabled after below steps: col...

5.5CVSS6.3AI score0.00233EPSS
Exploits0References24
CVE
CVE
added 2024/07/30 7:46 a.m.111 views

CVE-2024-42137

CVE-2024-42137 concerns a Linux kernel Bluetooth issue for Qualcomm Atheros (QCA6390). The vulnerability stemmed from a regression introduced by commit 272970be3dab, which fixed a use-after-free in qca_serdev_shutdown() but caused Bluetooth enablement to fail after a warm reboot if enable-gpios w...

5.5CVSS6.5AI score0.00233EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/30 12:0 a.m.5 views

PT-2024-38075 · WordPress · Bold Page Builder

Name of the Vulnerable Software and Affected Versions: The Bold Page Builder plugin for WordPress versions up to, and including, 5.0.2 Description: The issue is related to Stored Cross-Site Scripting via the plugin's bt bb button shortcode due to insufficient input sanitization and output escapin...

6.4CVSS6.2AI score0.00439EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/06/12 2:0 a.m.18 views

kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg

A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause a denial of service condition or potential code execution...

7CVSS7AI score0.0026EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/06/06 9:31 p.m.16 views

CVE-2024-4013 Failure to update BT Mesh Replay Protection List

A bug exists in the API, meshnodepoweroff, which fails to copy the contents of the Replay Protection List RPL from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the versioning...

5.6CVSS6.8AI score0.00267EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/06 9:31 p.m.32 views

CVE-2024-4013 Failure to update BT Mesh Replay Protection List

A bug exists in the API, meshnodepoweroff, which fails to copy the contents of the Replay Protection List RPL from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the versioning...

5.6CVSS0.00267EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/05/22 10:16 a.m.3 views

kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg

A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause a denial of service condition or potential code execution...

7CVSS7AI score0.0026EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/05/08 12:0 a.m.5 views

PT-2024-20994 · Ruvaroa · Ruvaroa

Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: A SQL injection issue was discovered via the bt id parameter at the "/include/get dict.aspx" API endpoint. This allows for potential exploitation. No information is provided about the estimated...

9.8CVSS7.5AI score0.0051EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2024/04/19 12:0 a.m.45 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-6740-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6740-1 advisory. Wei Chen discovered that a race condition existed in the TIPC protocol implementation in the Linux kernel, leading to a null...

7.8CVSS7.8AI score0.01377EPSS
Exploits4References16
OSV
OSV
added 2024/03/28 7:33 a.m.8 views

SUSE-SU-2024:1025-1 Security update for the Linux Kernel (Live Patch 47 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122173 fixes one issue. The following security issue was fixed: - CVE-2023-51779: Fixed a use-after-free because of a btsockioctl race condition in btsockrecvmsg bsc1218610...

7CVSS7.3AI score0.0026EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/03/01 12:0 a.m.35 views

Debian dla-3746 : libwireshark-data - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3746 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3746-1 [email protected]...

7.8CVSS7.4AI score0.03456EPSS
Exploits2References10
CNNVD
CNNVD
added 2024/01/19 12:0 a.m.4 views

Linux Kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux Kernel that stems from a post-release reuse vulnerability contained in btsockrecvmsg...

7CVSS6.5AI score0.0026EPSS
Exploits0References7
OSV
OSV
added 2024/01/02 12:0 a.m.1 views

UBUNTU-CVE-2023-51779

btsockrecvmsg in net/bluetooth/afbluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a btsockioctl race condition...

7CVSS6.5AI score0.0026EPSS
Exploits0References20
The Hacker News
The Hacker News
added 2023/12/24 5:48 a.m.33 views

British LAPSUS$ Teen Members Sentenced for High-Profile Attacks

Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies. Arion Kurtaj, an 18-year-old from Oxford, has been sentenced to an indefinite hospital order due to his intent ...

7.3AI score
Exploits0
Rows per page
Query Builder