Lucene search
K

74 matches found

Schneier on Security
Schneier on Security
added 2026/06/09 3:6 p.m.13 views

GPS As a Key Distribution Platform

This is interesting: The U.S. military has likely been quietly broadcasting codes for its global encryption network using public GPS for nearly 20 years, turning each satellite into a hidden "numbers station," according to Steven Murdoch… That means every device that uses GPS has been receiving...

5.3AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2026/06/06 10:30 a.m.17 views

Crypto-Funded Chinese Peptide Labs Are Booming

Plus: Hackers use Meta’s AI bots to hack Instagram accounts, Anthropic helps NSA hackers, a decades-long GPS satellite mystery may have been solved, and more...

5.5AI score
Exploits0
EUVD
EUVD
added 2026/04/07 9:32 p.m.4 views

EUVD-2025-209278

An issue in JXL 9 Inch Car Android Double Din Player Android v12.0 allows attackers to force the infotainment system into accepting falsified GPS signals as legitimate, resulting in the device reporting an incorrect or static location...

5.9AI score0.00465EPSS
Exploits0References3
CVE
CVE
added 2026/04/07 12:0 a.m.9 views

CVE-2025-69515

The CVE-2025-69515 entry relates to JXL’s 9 Inch Car Android Double Din Player (Android v12.0). It describes a flaw that lets attackers force the infotainment system to accept falsified GPS signals as legitimate, causing incorrect or static location reporting. Affected component: GPS/location han...

9.1CVSS5.9AI score0.00465EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/07 12:0 a.m.2 views

CVE-2025-69515

An issue in JXL 9 Inch Car Android Double Din Player Android v12.0 allows attackers to force the infotainment system into accepting falsified GPS signals as legitimate, resulting in the device reporting an incorrect or static location...

5.9AI score0.00465EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/07 12:0 a.m.5 views

CVE-2025-69515

An issue in JXL 9 Inch Car Android Double Din Player Android v12.0 allows attackers to force the infotainment system into accepting falsified GPS signals as legitimate, resulting in the device reporting an incorrect or static location...

5.9AI score0.00465EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.9 views

JXL 9 Inch Car Android Double Din Player 安全漏洞

JXL 9 Inch Car Android Double Din Player is a vehicle infotainment system developed by JXL Corporation. Version 12.0 of the JXL 9 Inch Car Android Double Din Player contains a security vulnerability. This vulnerability arises from the ability for attackers to force the infotainment system to acce...

9.1CVSS5.8AI score0.00465EPSS
Exploits0References2
CVE
CVE
added 2026/04/06 3:33 p.m.20 views

CVE-2025-47392

CVE-2025-47392 describes a memory corruption issue that occurs when decoding corrupted satellite data files with invalid signature offsets. The NVD records a CVSS v3.1 base score of 8.8 (HIGH) with adjacent attack vector, no privileges or user interaction required, and high impact on confidential...

8.8CVSS5.9AI score0.00165EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/06 3:33 p.m.3 views

CVE-2025-47392 Integer Overflow or Wraparound in GPS

Memory corruption when decoding corrupted satellite data files with invalid signature offsets...

8.8CVSS5.9AI score0.00165EPSS
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2026/03/31 5:34 p.m.9 views

The US Military’s GPS Software Is an $8 Billion Mess

The GPS Next-Generation Operational Control System was due for completion in 2016. Ten years later, the software for controlling the military’s GPS satellites still doesn’t work...

5.9AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/06 12:19 p.m.5 views

CVE-2018-25192

GPS Tracking System 2.12 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit crafted POST requests to the login.php endpoint with SQL injection payloads in the username...

8.8CVSS5.9AI score0.00284EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/03/06 12:0 a.m.6 views

GPS Tracking System SQL注入漏洞

GPS Tracking System is a GPS tracking system developed by lahirutm. Version 2.12 of GPS Tracking System has a SQL injection vulnerability. This vulnerability stems from an SQL injection issue with the username parameter in the login.php file, which could allow unverified attackers to bypass...

8.8CVSS5.9AI score0.00284EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/02/20 12:0 a.m.3 views

Orbital Escalation: Modeling Satellite Ransomware Attacks Using Game Theory

Ransomware has yet to reach orbit, but the conditions for such an attack already exist. This paper presents the first game-theoretic framework for modeling ransomware against satellites: the orbital escalation game. In this model, the attacker escalates ransom demands across orbital passes, while...

5.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/02/02 1:52 a.m.8 views

gpsd: gpsd: Arbitrary code execution via heap-based out-of-bounds write in NMEA2000 packet handling

A flaw was found in gpsd. The hnd129540 function, responsible for handling NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to properly validate the user-supplied satellite count. A remote attacker can exploit this by sending a specially crafted packet with an excessive satellite count,...

9.8CVSS6.1AI score0.00674EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2026/01/21 12:0 a.m.2 views

AlmaLinux 10 : gpsd (ALSA-2026:0770)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0770 advisory. gpsd: gpsd: Denial of Service due to malformed NAVCOM packet parsing CVE-2025-67269 gpsd: gpsd: Arbitrary code execution via heap-based out-of-bounds wri...

9.8CVSS6.2AI score0.00674EPSS
Exploits3References4
RedhatCVE
RedhatCVE
added 2026/01/09 11:17 a.m.3 views

CVE-2021-0547

In onReceive of NetInitiatedActivity.java, there is a possible way to supply an attacker-controlled value to a GPS HAL handler due to a missing permission check. This could lead to local escalation of privilege that may result in undefined behavior in some HAL implementations with no additional...

7.8CVSS6.7AI score0.00108EPSS
Exploits0References1
Fedora
Fedora
added 2026/01/02 12:41 a.m.8 views

[SECURITY] Fedora 43 Update: direwolf-1.8.1-1.fc43

Dire Wolf is a modern software replacement for the old 1980's style TNC built with special hardware. Without any additional software, it can perform as an APRS GPS Tracker, Digipeater, Internet Gateway IGate, APRStt gateway. It can also be used as a virtual TNC for other applications such as...

8.7CVSS6.7AI score0.00468EPSS
Exploits0
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.4 views

SICK AG TLOC100-100 安全漏洞

The SICK AG TLOC100-100 is a mobile robot positioning system from SICK Germany. A security vulnerability exists in the SICK AG TLOC100-100, which stems from the possibility of a block size mismatch that could prevent file transfers and subsequent transfers...

7.5CVSS6.5AI score0.00373EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.4 views

SICK AG TLOC100-100 安全漏洞

The SICK AG TLOC100-100 is a mobile robot positioning system from SICK Germany. A security vulnerability exists in the SICK AG TLOC100-100 that stems from an attacker's access to a non-privileged account via SSH could result in a service interruption, causing a loss of persistent availability...

7.5CVSS6.5AI score0.00315EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2025/10/17 12:0 a.m.18 views

C/N0 Analysis-Based GPS Spoofing Detection with Variable Antenna Orientations

GPS spoofing poses a growing threat to aviation by falsifying satellite signals and misleading aircraft navigation systems. This paper demonstrates a proof-of-concept spoofing detection strategy based on analyzing satellite Carrier-to-Noise Density Ratio C/N$0$ variation during controlled static...

6.8AI score
Exploits0
Rows per page
Query Builder