CVE-2025-65823

The Meatmeet Pro was found to be shipped with hardcoded Wi-Fi credentials in the firmware, for the test network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor...

CVE-2025-65823

The Meatmeet Pro was found to be shipped with hardcoded Wi-Fi credentials in the firmware, for the test network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor...

CVE-2025-43374

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.5, visionOS 2.5, watchOS 11.5. An attacker in physical proximity may be able to cause an...

CVE-2025-43374

CVE-2025-43374 involves an out-of-bounds read in kernel memory that could be triggered by an attacker in physical proximity. Apple fixes indicate this affects iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, visionOS 2.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, macOS Sequoia 15.5, and watchOS 11.5, wi...

EUVD-2015-6775

Malware in sbrugna...

CVE-2024-28092

UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name, Ti...

CVE-2023-48419 An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in EoP

An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of Privilege...

kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...

SUSE CVE-2014-7300

GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging...

CVE-2021-27941

Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application through 4.9.2 on Android and through 4.9.1 on iOS allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring th...

wpa_supplicant: Use-after-free in P2P provision discovery processing

A flaw was found in the wpasupplicant, in the way it processes P2P Wi-Fi Direct provision discovery requests. This flaw allows an attacker who is within radio range of the device running P2P discovery to cause termination of the wpasupplicant process or potentially cause code execution. The highe...

CVE-2019-8804

An inconsistency in Wi-Fi network configuration settings was addressed. This issue is fixed in iOS 13.2 and iPadOS 13.2. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup...

Dell Encryption Enterprise Information Disclosure Vulnerability

Dell Encryption Enterprise is a suite of data protection solutions from Dell USA. The product includes features such as compliance management, authentication, disk data encryption and port encryption. An information disclosure vulnerability exists in Dell Encryption Enterprise version 10.1.0 and...

Microsoft Windows Local Elevation of Privilege Vulnerability (CNVD-2016-07926)

Microsoft Windows is a series of operating systems released by the American company Microsoft. A lock screen elevation of privilege vulnerability exists in Microsoft Windows that originates from a program error that allows loading of web content from the Windows lock screen. An attacker in close...