📄 Remote for Mac 2025.6 Unauthenticated UDP Keyboard Remote Code Execution

A remote code execution vulnerability exists in Remote for Mac version 2025.6. When the "Allow unknown devices" option is enabled, the application accepts unauthenticated key input over UDP on port 1947. By sending a crafted sequence of UDP packets that simulate keyboard events, an attacker can...

📄 Remote for Mac 2025.6 Unauthenticated Arbitrary Input

Remote for Mac version 2025.6 allows for unauthenticated arbitrary input into the active window. Exploit Title: Remote for Mac 2025.6 - Unauthenticated Arbitrary Input into Active Window Date: 2025-05-28 Exploit Author: Chokri Hammedi Vendor Homepage: https://cherpake.com/ Software Link:...

📄 Remote for Windows 2024.15 Unauthenticated Desktop Screenshot Capture

Remote for Windows version 2024.15 suffers from a missing authentication vulnerability that allows for the disclosure of desktop screenshots. Exploit Title: Remote for Windows 2024.15 - Unauthenticated Desktop Screenshot Capture Date: 2025-05-19 Exploit Author: Chokri Hammedi Vendor Homepage:...

PT-2025-21156 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: General information about the issue is not provided. No details are available regarding the estimated number of potentially affected devices worldwide or real-world incidents where this issu...

CVE-2024-48548

CVE-2024-48548 affects Cloud Smart Lock v2.0.1 where an APK leaks a URL that can call the Bind to Physical Device API. This enables an attacker to arbitrarily construct requests to bind to unknown devices by bruteforcing a valid serial number, effectively exposing a vulnerability with a local att...

Design/Logic Flaw

The Cloudflare WARP client for Windows assigns loopback IPv4 addresses for the DNS Servers, since WARP acts as local DNS server that performs DNS queries in a secure manner, however, if a user is connected to WARP over an IPv6-capable network, te WARP client did not assign loopback IPv6 addresses...

PT-2023-13693 · Unisoc (Shanghai) Technologies Co. +1 · Sc9863A/Sc9832E/Sc7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a missing permission check in a network service, which could lead to local escalation of privilege. System execution privileges...

CVE-2022-23467

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device an attacker can leak stack addresses of the razerattrreaddpistages, potentially bypassing KASLR. To exploit this vulnerability an attacker would...

CVE-2022-23467

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device an attacker can leak stack addresses of the razerattrreaddpistages, potentially bypassing KASLR. To exploit this vulnerability an attacker would...

PT-2022-16009 · Openrazer +1 · Openrazer +1

Name of the Vulnerable Software and Affected Versions: OpenRazer versions prior to 3.5.1 Description: OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device, an attacker can leak stack addresses of the...