16 matches found

NVD
added 2026/05/14 7:16 p.m. | 10 views

CVE-2026-44592

Gradient is a nix-based continuous integration system. In 1.1.0, when GRADIENTDISCOVERABLE=true (the default, and the NixOS module default), anyone who can reach /proto can register as a worker without any credentials by sending a fresh, never-registered worker UUID. The resulting session has...

CVSS 9.4 | EPSS 0.00023
Exploits: 0 | References: 1
Vulnrichment
added 2026/05/14 6:39 p.m. | 6 views

CVE-2026-44592 Gradient: Unauthenticated worker on /proto → arbitrary NAR write / cache poisoning

Gradient is a nix-based continuous integration system. In 1.1.0, when GRADIENTDISCOVERABLE=true (the default, and the NixOS module default), anyone who can reach /proto can register as a worker without any credentials by sending a fresh, never-registered worker UUID. The resulting session has...

CVSS 9.4 | AI score 5.9 | EPSS 0.00023
Exploits: 0 | References: 1
EUVD
added 2026/05/14 6:39 p.m. | 7 views

EUVD-2026-30365

Gradient is a nix-based continuous integration system. In 1.1.0, when GRADIENTDISCOVERABLE=true (the default, and the NixOS module default), anyone who can reach /proto can register as a worker without any credentials by sending a fresh, never-registered worker UUID. The resulting session has...

CVSS 9.4 | AI score 5.9 | EPSS 0.00023
Exploits: 0 | References: 1
EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2022-29562

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 4.8 | EPSS 0.00178
Exploits: 0 | References: 3
RedhatCVE
added 2025/05/22 9:55 p.m. | 7 views

CVE-2022-24695

Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with...

CVSS 4.3 | AI score 6.5 | EPSS 0.00178
Exploits: 0 | References: 1
SUSE CVE
added 2024/11/13 4:47 a.m. | 1 views

SUSE CVE-2021-21367

Switchboard Bluetooth Plug for elementary OS from version 2.3.0 and before version 2.3.5 has an incorrect authorization vulnerability. When the Bluetooth plug is running in discoverable mode, Bluetooth service requests and pairing requests are automatically accepted, allowing physically...

CVSS 8.1 | AI score 6.9 | EPSS 0.00144
Exploits: 0 | References: 3
RedHat Linux
added 2024/11/12 9:20 a.m. | 4 views

bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution

A flaw was found in the HID Profile in BlueZ that opens doors for unauthorized connections, especially by devices like keyboards, to inject keystrokes without user confirmation. BlueZ lacks proper restrictions on non-bonded devices, creating a risk for attackers that are physically close to injec...

CVSS 6.3 | AI score 6 | EPSS 0.35977
Exploits: 7 | References: 4
OSV
added 2023/12/07 4:7 a.m. | 3 views

USN-6540-1 bluez vulnerability

It was discovered that BlueZ did not properly restrict non-bonded devices from injecting HID events into the input subsystem. This could allow a physically proximate attacker to inject keystrokes and execute arbitrary commands whilst the device is discoverable...

CVSS 6.3 | AI score 6.7 | EPSS 0.35977
Exploits: 7 | References: 2
SUSE CVE
added 2023/06/06 2:17 a.m. | 3 views

SUSE CVE-2022-24695

Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with...

CVSS 4.3 | AI score 6.7 | EPSS 0.00178
Exploits: 0 | References: 3
ATTACKERKB
added 2023/06/02 12:15 p.m. | 2 views

CVE-2022-24695

Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with...

CVSS 4.3 | AI score 5.8 | EPSS 0.00178
Exploits: 0 | References: 4
NVD
added 2023/06/02 12:15 p.m. | 9 views

CVE-2022-24695

Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with...

CVSS 4.3 | AI score 4.5 | EPSS 0.00178
Exploits: 0 | References: 3
OSV
added 2023/06/02 12:15 p.m. | 1 views

UBUNTU-CVE-2022-24695

Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with...

CVSS 4.3 | AI score 5.8 | EPSS 0.00178
Exploits: 0 | References: 5
Positive Technologies
added 2023/06/02 12:0 a.m. | 6 views

PT-2023-3480 · Unknown · Bluetooth Core Specification

Name of the Vulnerable Software and Affected Versions: Bluetooth Core Specification versions through 5.3. Description: The issue is related to Bluetooth Classic in the Bluetooth Core Specification, where device information for Bluetooth transceivers in Non-Discoverable mode is not properly...

CVSS 4.3 | AI score 6.9 | EPSS 0.00178
Exploits: 0 | References: 10
SUSE CVE
added 2023/02/15 4:27 a.m. | 2 views

SUSE CVE-2018-10910

A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable...

CVSS 3.3 | AI score 6.8 | EPSS 0.00057
Exploits: 1 | References: 3
Pen Test Partners Blog
added 2022/08/25 5:18 a.m. | 13 views

Bluetooth + Electrical switchgear

The ongoing rapid growth of Industrial IoT (IIoT) across all business sectors continues to bring to focus the discrepancies that exist between the approaches to safety and cyber-security on safety critical sites. Safety has been culturally ingrained into all aspects of industrial site operations fo...

AI score 0.5
Exploits: 0
securityvulns
added 2006/10/13 12:0 a.m. | 61 views

SecureWorks Research Client Advisory: Multiple Vendor Bluetooth Memory Stack Corruption Vulnerability

SecureWorks Research Client Advisory: Multiple Vendor Bluetooth Memory Stack Corruption Vulnerability, October 11th, 2006. Summary: A flaw exists in the Toshiba Bluetooth wireless device driver, used by multiple vendors, that allows a remote attacker...

AI score 0.7
Exploits: 0