CVE-2026-7763

A heap-based buffer overflow vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticated attacker within radio range to cause a Denial of Service kernel panic or potentially achieve Remote Code Execution via a...

CVE-2026-45323

MeshCore Card provides MeshCore Lovelace card for Home Assistant. Prior to 0.3.3, Meshcore node names are rendered without HTML escaping in meshcore-card, allowing any node within direct or indirect repeated radio range to execute arbitrary javascript in the Home Assistant frontend of anyone...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000872)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000872 advisory. Wi-Fi Protected Access WPA and WPA2 allows reinstallation of the Group Temporal Key GTK during the group key handshake, allowing an attacker within radio range to...

EUVD-2017-4605

Malware in sbrugna...

EUVD-2019-7533

Malware in sbrugna...

EUVD-2021-20806

Malware in sbrugna...

CVE-2021-34150

The Bluetooth Classic implementation on Bluetrum AB5301A devices with unknown firmware versions does not properly handle the reception of oversized DM1 LMP packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections disabling the AB5301A inqui...

CVE-2019-19195

The Bluetooth Low Energy implementation on Microchip Technology BluSDK Smart through 6.2 for ATSAMB11 devices does not properly restrict link-layer data length on reception, allowing attackers in radio range to cause a denial of service crash via a crafted packet...

CVE-2019-19196

The Bluetooth Low Energy Secure Manager Protocol SMP implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices accepts a pairing request with a key size greater than 16 bytes, allowing an...

K000135433: WPA use-after-free vulnerability CVE-2021-27803

Security Advisory Description A vulnerability was discovered in how p2p/p2ppd.c in wpasupplicant before 2.10 processes P2P Wi-Fi Direct provision discovery requests. It could result in denial of service or other impact potentially execution of arbitrary code, for an attacker within radio range...

K11270891: Multiple Intel Linux Wi-Fi Drivers vulnerabilities CVE-2020-12313, CVE-2020-12317, CVE-2020-12319, CVE-2017-13080

Security Advisory Description CVE-2020-12313 Insufficient control flow management in some IntelR PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. CVE-2020-12317 Improper buffer restriction in...

CVE-2022-45191

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a pair confirm message with wrong values...

Design/Logic Flaw

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can bypass passkey entry in the legacy pairing of the device...

Cross site request forgery (csrf)

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a cleartext encryption pause request...

CVE-2022-45192

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a cleartext encryption pause request...

CVE-2022-45191

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a pair confirm message with wrong values...

CVE-2022-45192

The CVE-2022-45192 entry describes a vulnerability in Microchip RN4870, version 1.43, where an attacker within BLE radio range can cause a denial of service by sending a cleartext encryption pause request. The available documents consistently name the RN4870 1.43 device and the cleartext encrypti...

Denial Of Service (DoS)

bluez-firmware is vulnerable to denial of service DoS attacks. The library does not properly handle the reception of LMPmaxslot with a greater ACL length after completion of the LMP setup procedure, allowing an attacker in radio range to trigger a denial of service via a crafted LMP packet...

Unitree Go 1 安全漏洞

The Unitree Go 1 is a robotics dog from the Chinese company Unitree. A security vulnerability exists in the Unitree Go 1 robotics platform H0.1.7 and H0.1.9 and its accompanying firmware version 0.1.35, which originates from the fact that an attacker in the normal range of the RF can turn it off...

NewStart CGSL CORE 5.05 / MAIN 5.05 : wpa_supplicant Vulnerability (NS-SA-2022-0038)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has wpasupplicant packages installed that are affected by a vulnerability: - A vulnerability was discovered in how p2p/p2ppd.c in wpasupplicant before 2.10 processes P2P Wi-Fi Direct provision discovery requests. It could resul...