Lucene search
K

59 matches found

Packet Storm News
Packet Storm News
added 2026/05/14 12:0 a.m.17 views

Capacitive Touchscreens at Risk: A Practical Side-Channel Attack on Smartphones Via Electromagnetic Emanations

Capacitive touchscreens in modern smartphones introduce severe side-channel vulnerabilities. However, existing attacks often require restrictive conditions or invasive measurements. This paper presents TESLA, a novel, contactless electromagnetic EM side-channel attack that exploits inherent EM...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/21 12:45 p.m.9 views

NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs

Cybersecurity researchers have discovered a new iteration of an Android malware family called NGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate. "The threat actors took the app, which is used to relay NFC data, and patched it with malicious code that...

5.8AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-37392

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01288EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/08/18 12:47 p.m.24 views

⚡ Weekly Recap: NFC Fraud, Curly COMrades, N-able Exploits, Docker Backdoors & More

Power doesn't just disappear in one big breach. It slips away in the small stuff—a patch that's missed, a setting that's wrong, a system no one is watching. Security usually doesn't fail all at once; it breaks slowly, then suddenly. Staying safe isn't about knowing everything—it's about acting fa...

10CVSS9.6AI score0.99999EPSS
Exploits48
RedhatCVE
RedhatCVE
added 2025/05/23 2:3 a.m.5 views

CVE-2023-33222

When handling contactless cards, usage of a specific function to get additional information from the card which doesn't check the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...

9.8CVSS7.7AI score0.01288EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:13 p.m.5 views

CVE-2021-39810

In verifyDefaults of CardEmulationManager.java, there is a possible way to set a third party app as the default contactless payment app without user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User...

7.8CVSS6.7AI score0.00112EPSS
Exploits0References1
HackRead
HackRead
added 2025/04/23 10:14 a.m.9 views

M&S Cyberattack Disrupts Contactless Payments and Click & Collect Services

Marks & Spencer M&S cyberattack disrupts contactless payments and Click & Collect; investigation launched as retailer apologises and…...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/17 12:0 a.m.1 views

SoK: Security of EMV Contactless Payment Systems

The widespread adoption of EMV Europay, Mastercard, and Visa contactless payment systems has greatly improved convenience for both users and merchants. However, this growth has also exposed significant security challenges. This SoK provides a comprehensive analysis of security vulnerabilities in...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/09/03 4:38 p.m.13 views

London’s city transport hit by cybersecurity incident [updated]

Transport for London TfL, the citys transport authority, is fighting through an ongoing cyberattack. TfL runs three separate units that arrange transports on Londons surface, underground, and Crossrail transportation systems. It serves some 8 million inhabitants of the London metropolitan area. I...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/26 4:46 a.m.17 views

New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards

Cybersecurity researchers have uncovered new Android malware that can relay victims' contactless payment data from physical credit and debit cards to an attacker-controlled device with the goal of conducting fraudulent operations. The Slovak cybersecurity company is tracking the novel malware as...

6.8AI score
Exploits0
HackRead
HackRead
added 2024/08/21 8:50 p.m.8 views

From Offices to Hotels: Backdoor in Contactless Key Cards Enables Mass Cloning

Millions of office and hotel contactless access cards using Fudan Microelectronics chips are vulnerable to a hardware backdoor…...

7.3AI score
Exploits0
OSV
OSV
added 2024/01/11 9:15 p.m.3 views

CVE-2023-50129

Missing encryption in the NFC tags of the Flient Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original tags, which results in an attacker gaining access to the perimeter...

6.5CVSS5.8AI score0.00143EPSS
Exploits1References1
NVD
NVD
added 2023/12/15 12:15 p.m.22 views

CVE-2023-33222

When handling contactless cards, usage of a specific function to get additional information from the card which doesn't check the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...

9.8CVSS0.01288EPSS
Exploits0References1
OSV
OSV
added 2023/12/15 12:15 p.m.6 views

CVE-2023-33222

When handling contactless cards, usage of a specific function to get additional information from the card which doesn't check the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...

9.8CVSS6.3AI score0.01288EPSS
Exploits0References1
Prion
Prion
added 2023/12/15 12:15 p.m.24 views

Stack overflow

When handling contactless cards, usage of a specific function to get additional information from the card which doesn't check the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...

7.5CVSS7.9AI score0.01288EPSS
Exploits0References1Affected Software8
Cvelist
Cvelist
added 2023/12/15 11:33 a.m.22 views

CVE-2023-33222 Stack buffer overflow when reading DESFire card

When handling contactless cards, usage of a specific function to get additional information from the card which doesn't check the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...

6.8CVSS10AI score0.01288EPSS
Exploits0References1
CVE
CVE
added 2023/12/15 11:33 a.m.56 views

CVE-2023-33222

CVE-2023-33222 describes a stack-based buffer overflow when reading DESFire contactless cards due to a function that does not check data boundaries. Affected context is described as a card-reader/readerStack overflow leading to potential Remote Code Execution on the targeted device. Exploitation ...

9.8CVSS8.5AI score0.01288EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/15 12:0 a.m.5 views

PT-2023-24232 · Idemia · Morphowave Compact/Xp +11

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue arises when handling contactless cards, specifically due to the usage of a function that does not check the boundary on the data received whil...

9.8CVSS9.7AI score0.01288EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/12/15 12:0 a.m.6 views

WordPress Plugin SIGMA Lite & Lite+ Buffer Error Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

9.8CVSS8AI score0.01288EPSS
Exploits0References3
NVD
NVD
added 2023/10/30 5:15 p.m.40 views

CVE-2021-39810

In verifyDefaults of CardEmulationManager.java, there is a possible way to set a third party app as the default contactless payment app without user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User...

7.8CVSS7.8AI score0.00112EPSS
Exploits0References2
Rows per page
Query Builder