CVE-2026-27813 EVerest has use-after-free in auth timeout timer via race condition

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to use-after-free. This is triggered by EV plug-in/unplug and RFID/RemoteStart/OCPP authorization events or delayed authorization response. Version 2026.2.0 contains a patch...

CVE-2025-15181

A security flaw has been discovered in code-projects Refugee Food Management System 1.0. The impacted element is an unknown function of the file /home/pagenateRefugeesList.php. Performing manipulation of the argument rfid results in sql injection. Remote exploitation of the attack is possible. Th...

EUVD-2025-205661

A security flaw has been discovered in code-projects Refugee Food Management System 1.0. Affected by this issue is some unknown functionality of the file /home/editrefugee.php. The manipulation of the argument rfid results in sql injection. The attack can be launched remotely. The exploit has bee...

CVE-2025-15208 code-projects Refugee Food Management System editrefugee.php sql injection

A security flaw has been discovered in code-projects Refugee Food Management System 1.0. Affected by this issue is some unknown functionality of the file /home/editrefugee.php. The manipulation of the argument rfid results in sql injection. The attack can be launched remotely. The exploit has bee...

Quantum-Resistant Authentication Scheme for RFID Systems Using Lattice-Based Cryptography

We propose a novel quantum-resistant mutual authentication scheme for radio-frequency identification RFID systems. Our scheme uses lattice-based cryptography and, in particular, achieves quantum-resistance by leveraging the hardness of the inhomogeneous short integer solution ISIS problem. In...

EUVD-2025-29094

Malicious code in bioql PyPI...

CVE-2025-34224

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 VA/SaaS deployments expose a set of PHP scripts under the consolerelease directory without requiring authentication. An unauthenticated remote attacker can invoke these...

CVE-2025-34224

Vasion Print (formerly PrinterLogic) Virtual Appliance Host (VA) and Application (VA/SaaS deployments) are affected. Prior to versions 22.0.1049 (Host) and 20.0.2786 (Application) expose PHP scripts under the console_release directory without authentication. An unauthenticated attacker can invoke...

CVE-2025-10367

The CVE-2025-10367 entry concerns MiczFlor RPi-Jukebox-RFID (up to version 2.8.0) with an issue in /htdocs/cardEdit.php that allows cross-site scripting. The vulnerability can be exploited remotely and the public exploit has been disclosed. Multiple connected sources corroborate the affected soft...

CVE-2025-10328

A security vulnerability has been detected in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this issue is some unknown functionality of the file /htdocs/api/playlist/playsinglefile.php. The manipulation of the argument File leads to os command injection. The attack may be initiated remotely...

Addressing Weak Authentication like RFID, NFC in EVs and EVCs Using AI-Powered Adaptive Authentication

The rapid expansion of the Electric Vehicles EVs and Electric Vehicle Charging Systems EVCs has introduced new cybersecurity challenges, specifically in authentication protocols that protect vehicles, users, and energy infrastructure. Although widely adopted for convenience, traditional...

Siemens SIMATIC 安全漏洞

SIMATIC RF600 Readers are used for contactless identification of a variety of objects such as shipping containers, pallets, production goods, or often for recording bulk goods.SIMATIC RF1100 is an RFID-based solution for simple and versatile electronic authorization management.SIMATIC RF360R read...

Siemens SIMATIC 访问控制错误漏洞

SIMATIC RF600 Readers are used for contactless identification of a variety of objects such as shipping containers, pallets, production goods, or often for recording bulk goods.SIMATIC RF1100 is an RFID-based solution for simple and versatile electronic authorization management.SIMATIC RF360R read...

PT-2024-29372 · Unknown · Rpi-Jukebox-Rfid

Name of the Vulnerable Software and Affected Versions: RPi-Jukebox-RFID version 2.7.0 Description: A remote code execution RCE issue was discovered in RPi-Jukebox-RFID, allowing for potential code execution via the "htdocsmanageFilesFolders.php" endpoint. Recommendations: For RPi-Jukebox-RFID...

CVE-2023-50126

Missing encryption in the RFID tags of the Hozard alarm system Alarmsysteem v1.0 allow attackers to create a cloned tag via brief physical proximity to one of the original tags, which results in an attacker being able to bring the alarm system to a disarmed state...

Hozard Alarm system security breach

Hozard alarm system is an alarm system from Hozard. The Hozard Alarm system has a security vulnerability that stems from the lack of encryption of RFID tags...

CVE-2023-26942

Weak encryption mechanisms in RFID Tags in Yale IA-210 Alarm v1.0 allows attackers to create a cloned tag via physical proximity to the original...

Yale Conexis L1 Security Vulnerability

The Yale Conexis L1 is a smart door lock from Yale. A security vulnerability exists in the Yale Conexis L1 v1.0.0, which stems from a weak encryption mechanism in the RFID tag that allows an attacker to create a clone of the original tag by physically approaching it...

Yale IA-210 Alarm Security Vulnerability

The Yale IA-210 Alarm is a residential alarm from Yale. The Yale IA-210 Alarm v1.0 version suffers from a security vulnerability that stems from a weak encryption mechanism in the RFID tag, which allows an attacker to create a cloned tag by physically approaching the original tag...

CVE-2023-39842

Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device...