Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-25621

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00901EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:53 p.m.8 views

CVE-2022-20361

In btifdmauthcmplevt of btifdm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

9.8CVSS7.2AI score0.00901EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.3 views

SUSE CVE-2020-15802

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already...

5.9CVSS6.8AI score0.07137EPSS
Exploits1References3
OSV
OSV
added 2022/08/10 8:15 p.m.1 views

CVE-2022-20361

In btifdmauthcmplevt of btifdm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

9.8CVSS7.4AI score0.00901EPSS
Exploits0References1
Prion
Prion
added 2022/08/10 8:15 p.m.20 views

Design/Logic Flaw

In btifdmauthcmplevt of btifdm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.5CVSS9AI score0.00901EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/08/09 8:25 p.m.3 views

CVE-2022-20361

In btifdmauthcmplevt of btifdm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.5AI score0.00901EPSS
Exploits0References1
CVE
CVE
added 2022/08/09 8:25 p.m.166 views

CVE-2022-20361

CVE-2022-20361 describes a vulnerability in Android Bluetooth stack (btif_dm_auth_cmpl_evt in btif_dm.cc) related to Cross-Transport Key Derivation. Root cause is a weakness in the Bluetooth protocol implementation, enabling remote elevation of privilege with no user interaction. Affected product...

9.8CVSS9AI score0.00901EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.5 views

PT-2022-14588 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-12L Description: A potential issue exists in the Bluetooth protocol implementation, specifically in the Cross-Transport Key Derivation process, due to a weakness in the Bluetooth standard. This coul...

9.8CVSS9.2AI score0.00901EPSS
Exploits0References3
OSV
OSV
added 2022/08/01 12:0 a.m.31 views

ASB-A-231161832

In btifdmauthcmplevt of btifdm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS6.2AI score0.00901EPSS
Exploits0References3
OSV
OSV
added 2020/09/11 2:15 p.m.3 views

CVE-2020-15802

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already...

5.9CVSS7.1AI score0.07137EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2020/09/11 2:15 p.m.36 views

CVE-2020-15802

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already...

5.9CVSS7.1AI score0.07137EPSS
Exploits1References5
OSV
OSV
added 2020/09/11 2:15 p.m.3 views

UBUNTU-CVE-2020-15802

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already...

5.9CVSS7AI score0.07137EPSS
Exploits1References6
CVE
CVE
added 2020/09/11 1:7 p.m.228 views

CVE-2020-15802

CVE-2020-15802 concerns Bluetooth Cross-Transport Key Derivation (BLURtooth) affecting devices that support Bluetooth before 5.1. The root cause is Cross Transport Key Derivation in Bluetooth Core Specification v4.2/v5.0, which may permit an unauthenticated user to establish bonding on one transp...

5.9CVSS5.8AI score0.07137EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2020/09/11 1:7 p.m.41 views

CVE-2020-15802

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already...

5.6AI score0.07137EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2020/09/11 1:7 p.m.35 views

CVE-2020-15802

Removed by vendor...

5.9CVSS7.1AI score0.07137EPSS
Exploits1
The Hacker News
The Hacker News
added 2020/09/10 9:37 p.m.126 views

New Unpatched Bluetooth Flaw Lets Hackers Easily Target Nearby Devices

Bluetooth SIG—an organization that oversees the development of Bluetooth standards—today issued a statement informing users and vendors of a newly reported unpatched vulnerability that potentially affects hundreds of millions of devices worldwide. Discovered independently by two separate teams of...

5.9CVSS1.9AI score0.07137EPSS
Exploits1
ThreatPost
ThreatPost
added 2020/09/10 4:39 p.m.51 views

Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks

A high-severity Bluetooth vulnerability has been uncovered, which could enable an unauthenticated attacker within wireless range to eavesdrop or alter communications between paired devices. The flaw CVE-2020-15802, discovered independently by researchers at the École Polytechnique Fédérale de...

4.3CVSS6.2AI score0.07137EPSS
Exploits1References12
Rows per page
Query Builder