CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

143 matches found

RedhatCVE•added 2026/01/09 11:25 a.m.•10 views

CVE-2021-28136

The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption and consequently a crash in ESP32 via a replaye...

6.5CVSS7AI score0.0081EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:25 a.m.•6 views

CVE-2021-28155

The Bluetooth Classic implementation on JBL TUNE500BT devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service and shutdown a device by flooding the target device with LMP Feature Response data...

6.5CVSS6.9AI score0.00437EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:24 a.m.•13 views

CVE-2021-28139

The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly restrict the Feature Page upon reception of an LMP Feature Response Extended packet, allowing attackers in radio range to trigger arbitrary code execution in ESP32 via a crafted Extended Features bitfield...

8.8CVSS7.6AI score0.01292EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:24 a.m.•4 views

CVE-2021-31613

The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle the reception of a truncated LMP packet during the LMP auto rate procedure, allowing attackers in radio range to immediately crash and restart a device via a crafted LMP packet...

6.5CVSS6.8AI score0.00556EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:23 a.m.•7 views

CVE-2021-31611

The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle an out-of-order LMP Setup procedure that is followed by a malformed LMP packet, allowing attackers in radio range to deadlock a device via a crafted LMP packet. The user needs to manually reboo...

5.7CVSS6.8AI score0.00354EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:23 a.m.•10 views

CVE-2021-31612

The Bluetooth Classic implementation on Zhuhai Jieli AC690X devices does not properly handle the reception of an oversized LMP packet greater than 17 bytes during the LMP auto rate procedure, allowing attackers in radio range to trigger a deadlock via a crafted LMP packet...

6.5CVSS6.8AI score0.00514EPSS

Exploits0References1