threat
engine
.sh
Back
·
··:··
Home
/
Product
/
bluez
Product
bluez
41 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2024-8805
all versions
BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacen
8.8
HIGH
CVE-2023-51596
all versions
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-
7.1
HIGH
CVE-2023-51594
all versions
BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers t
5.7
MEDIUM
CVE-2023-51592
all versions
BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows ne
5.7
MEDIUM
CVE-2023-51589
all versions
BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows n
5.7
MEDIUM
CVE-2023-51580
all versions
BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability a
5.7
MEDIUM
CVE-2023-50230
>= 5.66 and < 5.70
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-
8.0
HIGH
CVE-2023-50229
>= 5.66 and < 5.70
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-
8.0
HIGH
CVE-2023-44431
all versions
BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjac
8.0
HIGH
CVE-2023-27349
all versions
BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows networ
8.0
HIGH
CVE-2022-3637
< 5.65
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function jlink_init o
2.6
LOW
CVE-2022-3563
< 5.65
A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function read_50_controller_cap_complete
3.5
LOW
CVE-2022-39177
< 5.59
BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities ca
8.8
HIGH
CVE-2022-39176
< 5.59
BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not va
8.8
HIGH
CVE-2022-0204
< 5.63
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass speci
8.8
HIGH
CVE-2021-3658
< 5.61
bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered
6.5
MEDIUM
CVE-2019-8922
<= 5.48
A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough
8.8
HIGH
CVE-2019-8921
<= 5.48
An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP i
6.5
MEDIUM
CVE-2021-41229
all versions
BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates
4.3
MEDIUM
CVE-2021-43400
all versions
An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus proces
9.1
CRITICAL
CVE-2021-3588
< 5.56
The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as
3.3
LOW
CVE-2021-0129
< 5.57
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
5.7
MEDIUM
CVE-2020-24490
all versions
Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent acces
6.5
MEDIUM
CVE-2020-27153
< 5.55
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could p
8.6
HIGH
CVE-2020-0556
< 5.54
Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalat
7.1
HIGH
CVE-2018-10910
< 5.51
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the syste
4.5
MEDIUM
CVE-2017-1000250
<= 5.46
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows re
6.5
MEDIUM
CVE-2016-7837
<= 5.41
Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some us
7.8
HIGH
CVE-2016-9918
all versions
In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can
7.5
HIGH
CVE-2016-9917
all versions
In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered b
7.5
HIGH
CVE-2016-9804
all versions
In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists be
5.3
MEDIUM
CVE-2016-9803
all versions
In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. This issue ex
5.3
MEDIUM
CVE-2016-9802
all versions
In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be t
5.3
MEDIUM
CVE-2016-9801
all versions
In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing cor
5.3
MEDIUM
CVE-2016-9800
all versions
In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exi
5.3
MEDIUM
CVE-2016-9799
all versions
In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file. This issue can be triggered
5.3
MEDIUM
CVE-2016-9798
all versions
In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be tri
5.3
MEDIUM
CVE-2016-9797
all versions
In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be t
5.3
MEDIUM
CVE-2008-2374
< 3.34
src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate st
9.8
CRITICAL
CVE-2006-6899
<= 2.24
hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interfac
CVE-2005-2547
all versions
security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters i
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin