63 matches found
CVE-2025-25984
An issue in Macro-video Technologies Co.,Ltd V380E6C1 IP camera HwHsAKPIQpWFXHR 1020302 allows a physically proximate attacker to execute arbitrary code via UART component...
CVE-2024-44754
Cryptographic key extraction from internal flash in Minut M2 with firmware version 15142 allows physically proximate attackers to inject modified firmware into any other Minut M2 product via USB...
SUSE CVE-2023-45896
ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media and then leveraging local access to trigger an out-of-bounds read. A length val...
Yale IA-210 Alarm Security Vulnerability
The Yale IA-210 Alarm is a residential alarm from Yale. The Yale IA-210 Alarm v1.0 version suffers from a security vulnerability that stems from a weak encryption mechanism in the RFID tag, which allows an attacker to create a cloned tag by physically approaching the original tag...
PT-2023-20863 · Yale · Yale Ia-210 Alarm
Name of the Vulnerable Software and Affected Versions: Yale IA-210 Alarm version 1.0 Description: The issue is related to weak encryption mechanisms in RFID Tags, allowing attackers to create a cloned tag via physical proximity to the original. Recommendations: For Yale IA-210 Alarm version 1.0,...
Yale Keyless Lock Security Vulnerability
Yale Keyless Lock is a keyless connected smart lock from Yale. A security vulnerability exists in Yale Keyless Lock v1.0, which stems from a weak encryption mechanism in the RFID tags, leading to an attacker being able to create a clone of the original tag by getting physically close to it...
kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c
An information leak vulnerability was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfreq function. An attacker with physical access within the range of standard Bluetooth transmission could use thi...
About the security content of tvOS 17
About the security content of tvOS 17 This document describes the security content of tvOS 17. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent...
CVE-2023-39841
Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device...
CVE-2023-39843
Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device...
CVE-2023-39842
Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device...
Digoo DG-HAMB Smart Home Security System 安全漏洞
Digoo DG-HAMB Smart Home Security System is a smart home security alarm system suite from Digoo. A security vulnerability exists in the Digoo DG-HAMB Smart Home Security System v1.0 version. An attacker exploiting this vulnerability could create a cloned tag by briefly physically approaching the...
kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c
A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...
CVE-2023-33203
The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device...
SUSE CVE-2016-3136
The mctu232msrtostate function in drivers/usb/serial/mctu232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service NULL pointer dereference and system crash via a crafted USB device without two interrupt-in endpoint descriptors...
SUSE CVE-2022-42896
There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions which may allow code execution and leaking kernel memory respectively remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via...
Amazon Linux 2 : kernel (ALAS-2022-1903)
The version of kernel installed on the remote host is prior to 4.14.301-224.520. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1903 advisory. A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is...
Medtronic NGP 600 Series 安全漏洞
The Medtronic NGP 600 Series is a line of insulin pumps and accessories from Medtronic, Inc. A security vulnerability exists in Medtronic NGP 600 Series version 2.4, which originates from the exploitation of wireless signals that require proximity to the patient and the device. The following...
CVE-2022-39176
BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate paramslen...
USN-5390-2: Linux kernel (Raspberry Pi) vulnerabilities
David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 David Bouman discovered that the netfilter subsystem in t...