Lucene search
+L

1340 matches found

CNVD
CNVD
added 2018/10/24 12:0 a.m.7 views

GAIN Electronic Co. Ltd SAGA1-L Series Access Control Vulnerability

GAIN SAGA1-L Series is a SAGA1-L series industrial remote control product from GAIN Electronic. A security vulnerability exists in GAIN SAGA1-L Series products using firmware versions prior to A0.10. An attacker could exploit this vulnerability to forcibly pair a device without human interaction...

8.8CVSS7.2AI score0.00726EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2018/10/24 12:0 a.m.7 views

October 24, 2018—KB4462933 (OS Build 17134.376)

None None...

6.1AI score
Exploits0
Lenovo
Lenovo
added 2018/09/11 3:55 a.m.33 views

Bluetooth Pairing Key Validation - Lenovo Support US

No description provided...

8CVSS7.2AI score0.00802EPSS
Exploits1
Lenovo
Lenovo
added 2018/09/10 9:55 p.m.681 views

Bluetooth Pairing Key Validation - US

Lenovo Security Advisory: LEN-22233 Potential Impact: Information disclosure, elevation of privilege, denial of service Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-5383 Summary Description: The Bluetooth Special Interest Group SIG has reported a vulnerability in the...

1.7AI score0.00802EPSS
Exploits1
Opera Security Advisories
Opera Security Advisories
added 2018/08/28 12:0 a.m.9 views

Flow is seamless and secure – security features explained

Security Flow is seamless and secure – security features explained Share August 28th, 2018 Some of you may already be familiar with Flow, the new feature that allows you to quickly and seamlessly share images, links and videos between your Opera browser for computers and your Opera Touch mobile...

8.8CVSS7.4AI score0.01654EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2018/08/09 6:19 a.m.28 views

CVE-2018-5383

A vulnerability in Bluetooth pairing potentially allows an attacker with physical proximity within 30 meters to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth devices. This may result in information disclosure,...

8CVSS6.2AI score0.00802EPSS
Exploits1References2
OSV
OSV
added 2018/07/30 1:29 a.m.6 views

CVE-2018-14738

An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in pbcrmessagemessage in rmessage.c...

7.5CVSS5.8AI score0.01305EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2018/07/24 6:3 p.m.43 views

Bluetooth Bug Allows Man-in-the-Middle Attacks on Phones, Laptops

A slew of vendors that have built Bluetooth pairing into their devices without requiring public key validation are issuing fixes for their products. Researchers at the Israel Institute of Technology have identified a cryptography-related security vulnerability CVE-2018-5383 in the Bluetooth...

4.3CVSS1.3AI score0.00802EPSS
Exploits1References11
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/07/24 2:46 p.m.112 views

Bluetooth vuln CVE-2018-5383 explained

Yesterday a vulnerability, CVE-2018-5383 was released in the security specification for Bluetooth, with the title "Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange". It was given an adjusted CVSSv2 score of 5.7 - so roughly a...

0.3AI score0.00802EPSS
Exploits1
The Hacker News
The Hacker News
added 2018/07/24 8:13 a.m.0 views

New Bluetooth Hack Affects Millions of Devices from Major Vendors

Yet another bluetooth hacking technique has been uncovered. A highly critical cryptographic vulnerability has been found affecting some Bluetooth implementations that could allow an unauthenticated, remote attacker in physical proximity of targeted devices to intercept, monitor or manipulate the...

8CVSS6.2AI score0.00802EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2018/07/24 12:0 a.m.27 views

CVE-2018-10910

A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable...

4.5CVSS6.3AI score0.00458EPSS
Exploits1References2
OSV
OSV
added 2018/07/24 12:0 a.m.3 views

UBUNTU-CVE-2018-10910

A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable...

4.5CVSS6.1AI score0.00458EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2018/07/23 12:49 a.m.18 views

CVE-2018-10910

A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Mitigation Disable Bluetooth...

4.5CVSS2.6AI score0.00458EPSS
Exploits1References2
Intel
Intel
added 2018/07/23 12:0 a.m.19 views

Bluetooth® pairing vulnerability

Summary: Bluetooth Pairing update. Description: A vulnerability in Bluetooth® pairing potentially allows an attacker with physical proximity within 30 meters to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth®...

6.9AI score
Exploits0
CERT
CERT
added 2018/07/23 12:0 a.m.586 views

Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange

Overview Bluetooth firmware or operating system software drivers may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device. Description CWE-325: Missi...

8CVSS6.3AI score0.00802EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2018/07/20 12:0 a.m.2 views

PT-2018-10177 · Bluez +4 · Bluez +4

Name of the Vulnerable Software and Affected Versions: Bluez versions prior to 5.51 Description: A bug in the system may allow the Bluetooth Discoverable state to be set to on when no Bluetooth agent is registered, potentially leading to unauthorized pairing of certain Bluetooth devices without...

7.1CVSS4.9AI score0.01033EPSS
Exploits1References32
NVD
NVD
added 2018/07/13 8:29 p.m.13 views

CVE-2016-6549

The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute...

4.3CVSS4.7AI score0.01079EPSS
Exploits1References3
Prion
Prion
added 2018/07/13 8:29 p.m.14 views

Code injection

The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute...

3.3CVSS7.2AI score0.01079EPSS
Exploits1References3
CVE
CVE
added 2018/07/13 8:0 p.m.42 views

CVE-2016-6549

The CVE-2016-6549 entry concerns the Zizai Tech Nut device, where unauthenticated Bluetooth pairing enables unauthenticated connected applications to write data to the device name attribute. Affected component is the Nut device’s Bluetooth pairing/authentication logic, with impact limited to mani...

4.3CVSS4.7AI score0.01079EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2018/07/13 8:0 p.m.17 views

CVE-2016-6549 Zizai Tech Nut allows for unauthenticated Bluetooth pairing

The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute...

5.7AI score0.01079EPSS
Exploits1References3
Rows per page
Query Builder