← Back

Bluestacks

bluestacks

7 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Bluestacks
bluestacks
6 CVEs
Bluestacks App Player
bluestacks_app_player
1 CVE

CVEs (7)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-25548
1Bluestacks
1Bluestacks
Apr 16, 2026
Mar 21, 2026
6.9 MEDIUM· v4
5.5 MEDIUM· v3
N/A· v2
BlueStacks 4.80.0.1060 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to the search field. Attackers can paste a buffer of 100,000 'A' charac...Show more
BlueStacks 4.80.0.1060 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to the search field. Attackers can paste a buffer of 100,000 'A' characters into the search field and trigger a search operation to cause the application to crash.Show less
CVE-2025-44964
1Bluestacks
1Bluestacks
Aug 14, 2025
Aug 5, 2025
N/A· v4
3.9 LOW· v3
N/A· v2
A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information.
CVE-2020-24367
1Bluestacks
1Bluestacks
Nov 21, 2024
Nov 10, 2020
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
Incorrect file permissions in BlueStacks 4 through 4.230 on Windows allow a local attacker to escalate privileges by modifying a file that is later executed by a higher-privileged user.
CVE-2019-14220
1Bluestacks
1Bluestacks
Nov 21, 2024
Sep 24, 2019
N/A· v4
6.5 MEDIUM· v3
4.9 MEDIUM· v2
An issue was discovered in BlueStacks 4.110 and below on macOS and on 4.120 and below on Windows. BlueStacks employs Android running in a virtual machine (VM) to enable Android apps to run on Windows or MacOS. Bug is in...Show more
An issue was discovered in BlueStacks 4.110 and below on macOS and on 4.120 and below on Windows. BlueStacks employs Android running in a virtual machine (VM) to enable Android apps to run on Windows or MacOS. Bug is in a local arbitrary file read through a system service call. The impacted method runs with System admin privilege and if given the file name as parameter returns you the content of file. A malicious app using the affected method can then read the content of any system file which it is not authorized to readShow less
CVE-2019-12936
1Bluestacks
1Bluestacks App Player
Nov 21, 2024
Jun 23, 2019
N/A· v4
8.0 HIGH· v3
6.0 MEDIUM· v2
BlueStacks App Player 2, 3, and 4 before 4.90 allows DNS Rebinding for attacks on exposed IPC functions.
CVE-2018-0701
1Bluestacks
1Bluestacks
Nov 21, 2024
Nov 15, 2018
N/A· v4
8.8 HIGH· v3
5.8 MEDIUM· v2
BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to 4.31.55, BlueStacks App Player for macOS 2.0.0 and later) allows an attacker on the same network segment to bypass access restriction to gain unauthorized...Show more
BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to 4.31.55, BlueStacks App Player for macOS 2.0.0 and later) allows an attacker on the same network segment to bypass access restriction to gain unauthorized access.Show less
CVE-2016-4288
1Bluestacks
1Bluestacks
May 6, 2026
Jan 6, 2017
N/A· v4
8.4 HIGH· v3
7.2 HIGH· v2
A local privilege escalation vulnerability exists in BlueStacks App Player. The BlueStacks App Player installer creates a registry key with weak permissions that allows users to execute arbitrary programs with SYSTEM pri...Show more
A local privilege escalation vulnerability exists in BlueStacks App Player. The BlueStacks App Player installer creates a registry key with weak permissions that allows users to execute arbitrary programs with SYSTEM privileges.Show less