CVE-2026-48235

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude, longitude, callsign, mph, altitude, and timestamp values parsed from external GPS tracking service XML/JSON responses InstaMapper and Google Latitude integration are concatenated into...

CVE-2026-48235 Open ISES Tickets < 3.44.2 SQL Injection in incs/remotes.inc.php via External GPS Tracker Data

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude, longitude, callsign, mph, altitude, and timestamp values parsed from external GPS tracking service XML/JSON responses InstaMapper and Google Latitude integration are concatenated into...

PT-2026-42513

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude, longitude, callsign, mph, altitude, and timestamp values parsed from external GPS tracking service XML/JSON responses InstaMapper and Google Latitude integration are concatenated into...

[SECURITY] Fedora 42 Update: direwolf-1.8.1-1.fc42

Dire Wolf is a modern software replacement for the old 1980's style TNC built with special hardware. Without any additional software, it can perform as an APRS GPS Tracker, Digipeater, Internet Gateway IGate, APRStt gateway. It can also be used as a virtual TNC for other applications such as...

EUVD-2017-14343

Malware in sbrugna...

EUVD-2021-19650

Malware in sbrugna...

EUVD-2021-19648

Malware in sbrugna...

EUVD-2017-14342

Malware in sbrugna...

EUVD-2017-14344

Malware in sbrugna...

EUVD-2022-36980

Malicious code in bioql PyPI...

EUVD-2022-37165

Malicious code in bioql PyPI...

EUVD-2022-34395

Malicious code in bioql PyPI...

EUVD-2022-34426

Malicious code in bioql PyPI...

EUVD-2022-34482

Malicious code in bioql PyPI...

CVE-2025-51643

Meitrack T366G-L GPS Tracker devices contain an SPI flash chip Winbond 25Q64JVSIQ that is accessible without authentication or tamper protection. An attacker with physical access to the device can use a standard SPI programmer to extract the firmware using flashrom. This results in exposure of...

Meitrack T366G-L GPS Tracker 安全漏洞

Meitrack T366G-L GPS Tracker is a vehicle GPT locator from Meitrack China. A security vulnerability exists in the Meitrack T366G-L GPS Tracker, which originates from improper access control of the SPI flash memory chip and could lead to the disclosure of sensitive configuration data...

CVE-2021-32927

An attacker may be able to inject client-side JavaScript code on multiple instances within all versions of Uffizio GPS Tracker...

CVE-2021-32929

All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf of a user...

CVE-2020-17485

A Remote Code Execution vulnerability exist in Uffizio's GPS Tracker all versions. The web server can be compromised by uploading and executing a web/reverse shell. An attacker could then run commands, browse system files, and browse local resources...

CVE-2020-17483

An improper access control vulnerability exists in Uffizio's GPS Tracker all versions that lead to sensitive information disclosure of all the connected devices. By visiting the vulnerable host at port 9000, we see it responds with a JSON body that has all the details about the devices which have...