VYPR

Bluetooth

by Google

CVEs (31)

  • CVE-2019-9398HigSep 27, 2019
    risk 0.49cvss 7.5epss 0.01

    In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9388HigSep 27, 2019
    risk 0.49cvss 7.5epss 0.01

    In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2025-26441MedSep 4, 2025
    risk 0.42cvss 6.5epss 0.00

    In add_attr of sdp_discovery.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9482MedNov 20, 2024
    risk 0.42cvss 6.5epss 0.00

    In intr_data_copy_cb of btif_hd.cc, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9502MedOct 2, 2018
    risk 0.42cvss 6.5epss 0.01

    In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2016-0830MedMar 12, 2016
    risk 0.42cvss 6.5epss 0.01

    btif_config.c in Bluetooth in Android 6.x before 2016-03-01 allows remote attackers to cause a denial of service (memory corruption and persistent daemon crash) by triggering a large number of configuration entries, and consequently exceeding the maximum size of a configuration…

  • CVE-2025-22407MedAug 26, 2025
    risk 0.36cvss 5.5epss 0.00

    In hidd_check_config_done of hidd_conn.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-0030MedFeb 16, 2024
    risk 0.36cvss 5.5epss 0.00

    In btif_to_bta_response of btif_gatt_util.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-40083MedDec 4, 2023
    risk 0.36cvss 5.5epss 0.00

    In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21379MedOct 30, 2023
    risk 0.29cvss 4.4epss 0.00

    In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2015-3847Oct 6, 2015
    risk 0.00cvss epss 0.00

    Bluetooth in Android before 5.1.1 LMY48T allows attackers to remove stored SMS messages via a crafted application, aka internal bug 22343270.

Page 2 of 2