Blueman Project Blueman vulnerabilities
2 known vulnerabilities affecting blueman_project/blueman.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2015-8612P3HIGHCVSS 8.4PoC≤ 2.02016-01-08
CVE-2015-8612 [HIGH] CWE-264 CVE-2015-8612: The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.
The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.3 allows local users to gain privileges via the dhcp_handler argument.
nvdosv
CVE-2020-15238P3HIGHCVSS 7.0PoCfixed in 2.1.42020-10-27
CVE-2020-15238 [HIGH] CWE-74 CVE-2020-15238: Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus int
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any local user can possibly exploit this. If Polkit-1 is enable
nvdosv