180 matches found
CVE-2024-23277
The issue was addressed with improved checks. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard...
CVE-2024-23277
CVE-2024-23277 concerns macOS Sonoma 14.4, iOS 17.4, and iPadOS 17.4. The vulnerability allows an attacker on a privileged network position to inject keystrokes by spoofing a keyboard. Apple’s security content indicates this issue is addressed in the 14.4/17.4 updates. The root cause is tied to k...
Apple macOS Sonoma Security Vulnerability
Apple macOS Sonoma is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sonoma version 14.4, which originated when an attacker with privileged network status may be able to inject keystrokes by spoofing the keyboard...
PT-2024-20033 · Bluetooth · Bluetooth
Name of the Vulnerable Software and Affected Versions: Bluetooth versions affected versions not specified Description: The issue is related to improper input validation in the access secure service from temp bond function of btm sec.cc, which could allow keystroke injection. This might lead to...
ASB-A-318374503
In accesssecureservicefromtempbond of btmsec.cc, there is a possible way to achieve keystroke injection due to improper input validation. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Important: bluez
Issue Overview: bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution CVE-2023-45866 Affected Packages: bluez Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL...
Exploit for Improper Authentication in Google Android
Hi, My Name is Keyboard This repository contains proof-of-con...
Important: bluez
Issue Overview: bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution CVE-2023-45866 Affected Packages: bluez Issue Correction: Run dnf update bluez --releasever 2023.3.20240108 or dnf update --advisory ALAS2023-2024-473 --releasever 2023.3.2024010...
Important: bluez
Issue Overview: bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution CVE-2023-45866 Affected Packages: bluez Issue Correction: Run dnf update bluez --releasever 2023.3.20240108 to update your system. New Packages: aarch64: ...
WiFi-password-stealer - Simple Windows And Linux Keystroke Injection Tool That Exfiltrates Stored WiFi Data (SSID And Password)
Have you ever watched a film where a hacker would plug-in, seemingly ordinary, USB drive into a victim's computer and steal data from it? - A proper wet dream for some. Disclaimer : All content in this project is intended for security research purpose only. Introduction During the summer of 2022,...
Bluetooth Vulnerability Enables Keystroke Injection on Android, Linux, macOS, iOS
By Waqas Another day, another Bluetooth vulnerability impacting billions of devices worldwide! This is a post from HackRead.com Read the original post: Bluetooth Vulnerability Enables Keystroke Injection on Android, Linux, macOS, iOS...
USN-6540-1 bluez vulnerability
It was discovered that BlueZ did not properly restrict non-bonded devices from injecting HID events into the input subsystem. This could allow a physically proximate attacker to inject keystrokes and execute arbitrary commands whilst the device is discoverable...
ASB-A-294854926
In multiple locations, there is a possible way to inject keystrokes due to improper input validation. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-48034
An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption...
CVE-2023-48034
An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption...
Acer Wireless Keyboard SK-9662 Security Vulnerability
Acer Wireless Keyboard SK-9662 is a wireless keyboard from Acer China. The Acer Wireless Keyboard SK-9662 suffers from a security vulnerability that stems from the use of weak encryption in the wireless protocol, which allows an attacker to easily monitor and record keylogging and inject arbitrar...
CVE-2023-48034
An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption...
CVE-2023-47250
In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers with access to a VNC session to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop,...
PT-2023-30392 · Unknown · Mprivacy-Tools
Name of the Vulnerable Software and Affected Versions: mprivacy-tools versions prior to 2.0.406g Description: The issue allows authenticated attackers with access to a VNC session to bypass access control on X11 server sockets. By specifying the DISPLAY ID of other users, attackers can gain...
PT-2023-7536 · Acer · Acer Wireless Keyboard Sk-9662
Name of the Vulnerable Software and Affected Versions: Acer Wireless Keyboard SK-9662 affected versions not specified Description: The issue is related to weak encryption in the Acer Wireless Keyboard SK-9662, allowing an attacker in physical proximity to decrypt wireless keystrokes and inject...