CVE-2025-70994

Yadea T5 Electric Bicycles models manufactured in/after 2024 have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without implementing rolling codes or cryptographic challenge-response mechanisms. This is vulnerable to signal...

EUVD-2025-209567

Yadea T5 Electric Bicycles models manufactured in/after 2024 have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without implementing rolling codes or cryptographic challenge-response mechanisms. This is vulnerable to signal...

CVE-2025-70994

Yadea T5 Electric Bicycles models manufactured in/after 2024 have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without implementing rolling codes or cryptographic challenge-response mechanisms. This is vulnerable to signal...

CVE-2025-70994

Yadea T5 Electric Bicycles models manufactured in/after 2024 have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without implementing rolling codes or cryptographic challenge-response mechanisms. This is vulnerable to signal...

CVE-2025-70994

CVE-2025-70994 affects Yadea T5 Electric Bicycles (models manufactured in/after 2024). The keyless-entry system uses the EV1527 fixed-code RF protocol without rolling codes or cryptographic challenge-response, enabling a local attacker who intercepts a legitimate fob transmission to perform a rep...

CVE-2025-70994

Yadea T5 Electric Bicycles models manufactured in/after 2024 have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without implementing rolling codes or cryptographic challenge-response mechanisms. This is vulnerable to signal...

PT-2026-34662

Yadea T5 Electric Bicycles models manufactured in/after 2024 have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without implementing rolling codes or cryptographic challenge-response mechanisms. This is vulnerable to signal...

sui_vulnerable_vault

I will update this project in the future. Now, we have to co...

CVE-2025-43274

The CVE-2025-43274 entry concerns macOS Sequoia where a privacy issue allowed a sandboxed process to bypass sandbox restrictions. Apple fixed it in Sequoia 15.6 by removing the vulnerable code. The vulnerability is described as a sandbox bypass with local impact, and the public records confirm th...

CVE-2024-44133

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15. On MDM managed devices, an app may be able to bypass certain Privacy preferences...

Security Bulletin: Network Security (NSS) vulnerability affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in Network Security NSS affects IBM SAN Volume Controller, IBM Storwize V7000, V5000, V5100, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 and 9100 family products. The applicable vulnerability is...

CVE-2021-29432

Sydent is a reference matrix identity server. A malicious user could abuse Sydent to send out arbitrary emails from the Sydent email address. This could be used to construct plausible phishing emails, for example. This issue has been fixed in 4469d1d...

CVE-2018-17230

Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service heap-based buffer overflow via a crafted image file...

Paragon Initiative Enterprises: Full Path Disclosure

Hi as reported in email, there is a full path disclosure in EasyDB you fixed some of them in last commit add this code before and "execute$params" function call! ifcount$params != count$params,COUNTRECURSIVE throw new \InvalidArgumentException"Invalid params"; this will check $params to be 1d...

Using Toys to Open a Fixed-Code Garage Door in 10 Seconds

It may be time to upgrade your garage door opener. Security researcher Samy Kamkar has developed a new technique that enables him to open almost any garage door that uses a fixed code–and he implemented it on a $12 child’s toy. The attack Kamkar devised, known as OpenSesame, reduces the amount of...