📦 NimBLE

by Apache

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2025-52435

HIGH CVSS 7.5 Jan 10, 2026

This vulnerability in Apache NimBLE allows an attacker to downgrade encrypted Bluetooth Low Energy connections to an unencrypted state after a Pause Encryption procedure, enabling eavesdropping on subseq...

CVE-2025-53477

HIGH CVSS 7.5 Jan 10, 2026

A NULL pointer dereference vulnerability in Apache NimBLE's Bluetooth stack occurs when HCI connection completion or command transmission buffers lack proper validation. This could cause crashes or in...

CVE-2025-62235

HIGH CVSS 8.1 Jan 10, 2026

This vulnerability allows attackers to bypass authentication in Apache NimBLE by sending specially crafted Security Request packets. An attacker can remove existing secure bonds and force re-bonding w...

CVE-2024-51569

HIGH CVSS 7.5 Nov 26, 2024

This CVE describes an out-of-bounds read vulnerability in Apache NimBLE's Bluetooth stack. It allows reading beyond allocated memory boundaries when processing HCI events from a malicious or faulty Bl...

CVE-2024-47249

MEDIUM CVSS 5.0 Nov 26, 2024

Apache NimBLE versions through 1.7.0 have an improper array index validation vulnerability in HCI event handling that could allow memory corruption and crashes. This requires a malicious or malfunctio...

CVE-2025-53470

LOW CVSS 3.1 Jan 10, 2026

An out-of-bounds read vulnerability in Apache NimBLE's HCI H4 driver allows a malicious or malfunctioning Bluetooth controller to trigger invalid memory reads. This affects all Apache NimBLE versions ...