Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-30476

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00353EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/12/01 12:0 a.m.7 views

The vulnerability in the implementation of Secure Connections Pairing and Secure Simple Pairing according to the Bluetooth Core Specification allows a attacker to carry out a “man-in-the-middle” attack.

The vulnerability of the Secure Connections Pairing and Secure Simple Pairing implementations in the Bluetooth Core Specification relates to the retrieval of session keys upon accessing a channel from a non-endpoint. Exploiting this vulnerability could allow an attacker to carry out a...

6.8CVSS6.7AI score0.01297EPSS
Exploits1References8Affected Software3
UbuntuCve
UbuntuCve
added 2022/12/12 4:15 a.m.24 views

CVE-2022-25836

Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when the MITM negotiates Legacy Passkey Pairing with the pairing Initiator and Secure Connections Passkey Pairing...

7.5CVSS7.1AI score0.00353EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/05/19 3:50 p.m.20 views

CVE-2020-10135 Bluetooth devices supporting BR/EDR v5.2 and earlier are vulnerable to impersonation attacks

Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth...

5.4CVSS6.5AI score0.02386EPSS
Exploits2References7
ATTACKERKB
ATTACKERKB
added 2020/02/12 12:0 a.m.24 views

CVE-2019-19194

The Bluetooth Low Energy Secure Manager Protocol SMP implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices installs a zero long term key LTK if an out-of-order link-layer encryption request...

8.8CVSS3AI score0.01002EPSS
Exploits1References3
CERT
CERT
added 2018/07/23 12:0 a.m.585 views

Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange

Overview Bluetooth firmware or operating system software drivers may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device. Description CWE-325: Missi...

8CVSS6.3AI score0.00802EPSS
Exploits1References3
Rows per page
Query Builder