CVSS: 6.3EPSS: 31%CPEs: 28EXPL: 8CVE-2023-45866 – bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution
https://notcve.org/view.php?id=CVE-2023-45866
07 Dec 2023 — Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. Bluetooth HID Hosts in BlueZ ... • https://github.com/pentestfunctions/BlueDucky • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2008-3613
https://notcve.org/view.php?id=CVE-2008-3613
16 Sep 2008 — Finder in Apple Mac OS X 10.5.2 through 10.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving a search for a remote disk on the local network. Finder en Apple Mac OS X 10.5.2 a la 10.5.4, permite a atacantes remotos provocar una denegación de servicio (referencia a puntero null y caída de aplicación) a través de vectores relacionados con una búsqueda de disco remoto en la red local. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html • CWE-399: Resource Management Errors •