Lucene search
K

28 matches found

Positive Technologies
Positive Technologies
added 2022/12/26 12:0 a.m.8 views

PT-2022-10479 · Unknown · Fastrack Reflex 2.0

Name of the Vulnerable Software and Affected Versions: fastrack Reflex 2.0 W307S REFLEX v90.89 Activity Tracker Description: The issue allows a remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017. Recommendations: For fastrack Reflex 2.0 W307S...

5.3CVSS5.2AI score0.00569EPSS
Exploits0References4
CVE
CVE
added 2022/12/26 12:0 a.m.65 views

CVE-2021-35953

Summary: CVE-2021-35953 affects fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker. A remote attacker can cause a device outage (DoS) by crafting the last three bytes of a characteristic value, enabling unauthenticated network access to trigger the issue. The vulnerability surface centers o...

7.5CVSS7.4AI score0.0084EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/07/01 12:0 a.m.6 views

Thinkst Canarytokens 跨站脚本漏洞

Thinkst Canarytokens is a web activity tracking system. Thinkst Canarytokens suffers from a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute Javascript code...

6.3CVSS6.1AI score0.0054EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/13 5:49 a.m.3 views

Malicious code in gd-activity-tracker (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware be919ac20b6023e27b37ab04354acc2fe0d76aadf72ab3ccea2dafed5df390a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/13 5:49 a.m.8 views

MAL-2022-3301 Malicious code in gd-activity-tracker (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware be919ac20b6023e27b37ab04354acc2fe0d76aadf72ab3ccea2dafed5df390a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Prion
Prion
added 2019/07/15 1:15 p.m.12 views

Design/Logic Flaw

On Fitbit activity-tracker devices, certain addresses never change. According to the popets-2019-0036.pdf document, this leads to "permanent trackability" and "considerable privacy concerns" without a user-accessible anonymization feature. The devices, such as Charge 2, transmit Bluetooth Low...

3.3CVSS7.2AI score0.00637EPSS
Exploits0References2
CVE
CVE
added 2019/07/15 12:47 p.m.44 views

CVE-2014-10374

CVE-2014-10374 concerns Fitbit activity-tracker devices where BLE advertising uses a TxAdd flag for random addresses, but the addresses remain constant. This leads to “permanent trackability” and privacy concerns when a device is sniffed at multiple fixed locations, enabling an adversary to tell ...

6.5CVSS6.5AI score0.00637EPSS
Exploits0References2Affected Software1
hackapp
hackapp
added 2016/04/01 9:4 a.m.12 views

Samsung Activity Tracker - Dangerous filesystem permissions, Exported ContentProvider, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application Samsung Activity Tracker published at the 'play' market has multiple vulnerabilities...

0.4AI score
Exploits0References1Affected Software1
Rows per page
Query Builder