216 matches found
CVE-2024-43766
In multiple functions of btmblesec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-43766
In multiple functions of btmblesec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-43766
In multiple functions of btmblesec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-43766
CVE-2024-43766 describes an information-disclosure vulnerability in the Android Bluetooth stack caused by invalid error handling in multiple functions of a file named btm_ble_sec.cc . The issue could enable remote information disclosure to a proximal/adjacent attacker with no additional execution...
CVE-2024-43766
In multiple functions of btmblesec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2024-55457
In multiple functions of btmblesec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-288144143
In multiple functions of btmblesec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40729
A vulnerability has been identified in QMS Automotive All versions V12.39. The affected application lacks security control to prevent unencrypted communication without HTTPS. An attacker who managed to gain machine-in-the-middle position could manipulate, or steal confidential information...
CVE-2019-12505
Due to unencrypted and unauthenticated data communication, the wireless presenter Inateck WP1001 v1.3C is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target system is unattended. In...
CVE-2019-12506
Due to unencrypted and unauthenticated data communication, the wireless presenter Logitech R700 Laser Presentation Remote R-R0010 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target...
CVE-2023-53881 ReyeeOS 1.204.1614 Man-in-the-Middle Remote Code Execution via CWMP
ReyeeOS 1.204.1614 contains an unencrypted CWMP communication vulnerability that allows attackers to intercept and manipulate device communication through a man-in-the-middle attack. Attackers can create a fake CWMP server to inject and execute arbitrary commands on Ruijie Reyee Cloud devices by...
EUVD-2025-37365
When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality...
CVE-2025-12508
When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality...
CVE-2025-12508
CVE-2025-12508 affects BRAIN2: when domain users act as BRAIN2 users, communication with Active Directory services is unencrypted, risking interception of authentication data and confidentiality. Documents consistently identify BRAIN2 as the affected software and describe the unencrypted AD traff...
CVE-2025-12508 Unencrypted communication to Active Directory services
When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality...
CVE-2025-12508 Unencrypted communication to Active Directory services
When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality...
CVE-2025-41108
The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could allow an attacker to send commands to the robot from an external attack station, impersonating the control station tablet and gaining unauthorised full control of the robot. The absence of encryption and authenticati...
CVE-2025-41108 Improper Authentication vulnerability in Ghost Robotics' Vision 60
The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could allow an attacker to send commands to the robot from an external attack station, impersonating the control station tablet and gaining unauthorised full control of the robot. The absence of encryption and authenticati...
EUVD-2020-7501
Malware in sbrugna...
EUVD-2019-7638
Malware in sbrugna...