Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2019-8921

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a...

6.5CVSS6.8AI score0.00936EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2025/02/13 12:0 a.m.9 views

Ubuntu: Security Advisory (USN-7265-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.1AI score0.0143EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2025/02/12 6:51 a.m.11 views

USN-7265-1: BlueZ vulnerabilities

Julian Rauchberger discovered that BlueZ did not correctly handle certain memory operations. An attacker could possibly use this issue to leak sensitive information or execute arbitrary code. CVE-2019-8921, CVE-2019-8922...

8.8CVSS7.1AI score0.0143EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.37 views

Amazon Linux 2 : bluez (ALAS-2023-2309)

The version of bluez installed on the remote host is prior to 5.44-7. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2309 advisory. An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SD...

8.8CVSS7.1AI score0.0143EPSS
Exploits2References6
Amazon
Amazon
added 2023/10/19 12:0 a.m.32 views

Medium: bluez

Issue Overview: An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in...

8.8CVSS7.2AI score0.0143EPSS
Exploits2
OpenVAS
OpenVAS
added 2023/05/08 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2023-1742)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.8AI score0.01808EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2023/05/07 12:0 a.m.30 views

EulerOS Virtualization 3.0.2.0 : bluez (EulerOS-SA-2023-1742)

According to the versions of the bluez package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP...

8.8CVSS7AI score0.01808EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2023/01/09 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2023-1090)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8AI score0.01544EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2023/01/06 12:0 a.m.34 views

EulerOS Virtualization 3.0.2.6 : bluez (EulerOS-SA-2023-1090)

According to the versions of the bluez package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP...

9.1CVSS7AI score0.01544EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2022/10/26 12:0 a.m.30 views

SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2022:3718-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3718-1 advisory. - CVE-2019-8921: Fixed heap-based buffer overflow via crafted request bsc1193237. - CVE-2016-9803: Fixed memor...

6.5CVSS6.9AI score0.02473EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2022/10/26 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2022:3718-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.2AI score0.02473EPSS
Exploits2References5
OSV
OSV
added 2022/10/25 8:19 a.m.9 views

SUSE-SU-2022:3718-1 Security update for bluez

This update for bluez fixes the following issues: - CVE-2019-8921: Fixed heap-based buffer overflow via crafted request bsc1193237. - CVE-2016-9803: Fixed memory leak bsc1013885...

6.5CVSS7.1AI score0.02473EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2022/10/25 12:0 a.m.27 views

Debian: Security Advisory (DLA-3157-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8AI score0.01808EPSS
Exploits4References4
Debian
Debian
added 2022/10/24 10:50 a.m.43 views

[SECURITY] [DLA 3157-1] bluez security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3157-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler October 24, 2022 https://wiki.debian.org/LTS -...

9.1CVSS8.8AI score0.01808EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2022/10/24 12:0 a.m.41 views

Debian dla-3157 : bluetooth - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3157 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3157-1 [email protected]...

9.1CVSS7AI score0.01808EPSS
Exploits4References16
OpenVAS
OpenVAS
added 2022/10/24 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2022:3691-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.7AI score0.01544EPSS
Exploits2References8
OpenVAS
OpenVAS
added 2022/10/10 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2022-2488)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.9AI score0.01808EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2022/04/25 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2022-1524)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8AI score0.01544EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2021/11/29 6:2 p.m.32 views

CVE-2019-8921

An issue was discovered in bluetoothd in BlueZ through version 5.48. The vulnerability lies in the handling of buffered data where it is possible to cause the server to return more bytes than the buffer actually holds, resulting in leaking arbitrary heap data...

6.5CVSS2.6AI score0.00936EPSS
Exploits1References4
CVE
CVE
added 2021/11/29 12:0 a.m.157 views

CVE-2019-8921

CVE-2019-8921 is a BlueZ Bluetooth stack vulnerability affecting bluetoothd, specifically in the SDP implementation. The issue arises from how SVC_ATTR_REQ is handled; by crafting a malicious CSTATE, an attacker could cause the server to return more bytes than the buffer can hold, leaking heap da...

6.5CVSS7.3AI score0.00936EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder