6 matches found
PT-2026-34184
Name of the Vulnerable Software and Affected Versions Zero Motorcycles firmware versions 44 and prior Description An issue in the Bluetooth pairing process allows an attacker in close proximity to forcibly pair a device with the motorcycle while it is in pairing mode. Once paired, the attacker ca...
CVE-2026-28806
Improper Authorization vulnerability in nerves-hub nerveshubweb allows cross-organization device control via device bulk actions and device update API. Missing authorization checks in the device bulk actions and device update API endpoints allow authenticated users to target devices belonging to...
EUVD-2022-39075
Malicious code in bioql PyPI...
CVE-2021-22909
A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle MitM attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later...
Two Critical Flaws — CVSS Score 10 — Affect Dell Wyse Thin Client Devices
A team of researchers today unveiled two critical security vulnerabilities in Dell Wyse Thin clients that could have potentially allowed attackers to remotely execute malicious code and access arbitrary files on affected devices. The flaws, which were uncovered by healthcare cybersecurity provide...
CVE-2020-15498
An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.38520253. The router accepts an arbitrary server certificate for a firmware update. The culprit is the --no-check-certificate option passed to wget tool used to download firmware update files...