CVE Tools

bluez project

Operating Systemsoss-project

6

Cumulative CVEs

5

Monthly snapshots

#73

Peak rank

Top products

Latest CVEs

The 14 most recently published vulnerabilities affecting bluez project.

CVE-2023-50229BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability8.0May 3, 2024
CVE-2023-27349BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability8.0May 3, 2024
CVE-2022-3637Linux Kernel BlueZ jlink.c jlink_init denial of service2.6Oct 21, 2022
BDU:2022-04100Уязвимость стека протоколов Bluetooth для ОС Linux BlueZ, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю выполнить произвольный код7.5Jul 6, 2022
CVE-2022-0204A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading...8.8Mar 9, 2022
CVE-2021-3658bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be disc...6.5Mar 2, 2022
CVE-2021-41229Memory leak in BlueZ4.3Nov 12, 2021
CVE-2021-43400An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call.9.1Nov 4, 2021
CVE-2020-26558Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey aut...4.2May 24, 2021
CVE-2016-7837Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities.7.8Jun 9, 2017
CVE-2016-9918In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result i...7.5Dec 8, 2016
CVE-2006-6899hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoin...5.4Jan 8, 2007
CVE-2006-0670Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to cause a denial of service (crash) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation P...5.0Feb 13, 2006
CVE-2005-2547security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper.7.5Aug 12, 2005