8 matches found
CVE-2026-42996
A flaw was found in JS8Call and JS8Call-improved. A remote attacker can exploit a stack-based buffer overflow by sending a specially crafted radio transmission containing "@APRSIS GRID" followed by an excessively long Maidenhead locator. This vulnerability, occurring in the grid2deg function, cou...
CVE-2022-35860
Missing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio transmissions...
EUVD-2017-9053
Malware in sbrugna...
EUVD-2022-38733
Malicious code in bioql PyPI...
CVE-2022-35860
CVE-2022-35860 affects Corsair K63 Wireless keyboard (version 3.1.3). The root cause is missing AES encryption in the 2.4 GHz wireless channel, enabling physically proximate attackers to inject keystrokes and sniff them over the radio. The vulnerability is documented across multiple sources (NVD/...
CVE-2022-35860
Missing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio transmissions...
Kaden PICOFLUX Air 安全漏洞
Kaden Vodomery Kaden Picoflux Air is an electronic cold water meter from the Czech company Kaden Vodomery. Measurement data is transmitted via radio and readings are taken online. A security vulnerability exists in Kaden PICOFLUX Air, which stems from the presence of information in the software...
Security Vulnerability in Internet-Connected Construction Cranes
This seems bad: The F25 software was found to contain a capture replay vulnerability -- basically an attacker would be able to eavesdrop on radio transmissions between the crane and the controller, and then send their own spoofed commands over the air to seize control of the crane. "These devices...