CVE-2026-1354 Zero Motorcycles Firmware Key Exchange without Entity Authentication

Zero Motorcycles firmware versions 44 and prior enable an attacker to forcibly pair a device with the motorcycle via Bluetooth. Once paired, an attacker can utilize over-the-air firmware updating functionality to potentially upload malicious firmware to the motorcycle. The motorcycle must first b...

CVE-2025-66803

Race condition in the turbo-frame element handler in Hotwired Turbo before 8.0.x causes logout operations to fail when delayed frame responses reapply session cookies after logout. This can be exploited by remote attackers via selective network delays e.g. delaying requests based on sequence or...

AIRTH SMART HOME AQI MONITOR Bootloader 安全漏洞

The AIRTH SMART HOME AQI MONITOR Bootloader is the underlying software for an air quality detector from AIRTH India. A security vulnerability exists in AIRTH SMART HOME AQI MONITOR Bootloader version 1.005, which originates from physical proximity Attackers can access the BK7231N controller throu...

CVE-2025-65828

An unauthenticated attacker within proximity of the Meatmeet device can issue several commands over Bluetooth Low Energy BLE to these devices which would result in a Denial of Service. These commands include: shutdown, restart, clear config. Clear config would disassociate the current device from...

CVE-2025-59698

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader...

CVE-2025-43374

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.5, visionOS 2.5, watchOS 11.5. An attacker in physical proximity may be able to cause an...

EUVD-2025-198518

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, visionOS 2.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, macOS Sequoia 15.5, watchOS 11.5. An attacker in physical proximity may be able to cause an out-of-bounds rea...

Nous W3 安全漏洞

Nous W3 is a webcam from the Polish company Nous. A security vulnerability exists in Nous W3 version 1.33.50.82, which stems from a flaw in the firmware update mechanism that allows an attacker in physical proximity to elevate privileges to root via a specially crafted update.tar archive file...

EUVD-2021-12247

Malware in sbrugna...

EUVD-2016-4902

Malware in sbrugna...

EUVD-2020-4922

Malware in sbrugna...

CVE-2025-56019

An insecure permission vulnerability exists in the Agasta Easytouch+ version 9.3.97 The device allows unauthorized mobile applications to connect via Bluetooth Low Energy BLE without authentication. Once an unauthorized connection is established, legitimate applications are unable to connect,...

CVE-2023-26943

Weak encryption mechanisms in RFID Tags in Yale Keyless Lock v1.0 allows attackers to create a cloned tag via physical proximity to the original...

CVE-2021-25340

Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State...

CVE-2020-12702

Weak encryption in the Quick Pairing mode in the eWeLink mobile application Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during th...

CVE-2020-8997

Older generation Abbott FreeStyle Libre sensors allow remote attackers within close proximity to enable write access to memory via a specific NFC unlock command. NOTE: The vulnerability is not present in the FreeStyle Libre 14-day in the U.S announced in August 2018 and FreeStyle Libre 2 outside...

CVE-2010-4212

The USAA application 3.0 for Android stores a mirror image of each visited web page, which might allow physically proximate attackers to obtain sensitive banking information by reading application data...

CVE-2025-28201

An issue in Victure RX1800 ENV1.0.0r12110933 allows physically proximate attackers to execute arbitrary code or gain root access...

CVE-2025-28201

An issue in Victure RX1800 ENV1.0.0r12110933 allows physically proximate attackers to execute arbitrary code or gain root access...

CVE-2025-25984

An issue in Macro-video Technologies Co.,Ltd V380E6C1 IP camera HwHsAKPIQpWFXHR 1020302 allows a physically proximate attacker to execute arbitrary code via UART component...