Lucene search
K

55 matches found

CVE
CVE
added 2018/07/06 9:0 p.m.54 views

CVE-2016-6540

The CVE-2016-6540 issue concerns TrackR Bravo’s cloud service where an unauthenticated attacker can query or send GPS data for any TrackR device by using a tracker ID. The tracker ID can be discovered via CVE-2016-6539, which describes the device ID construction and proximity-based exposure of th...

6.5CVSS6AI score0.0091EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2018/07/06 9:0 p.m.15 views

CVE-2016-6540 TrackR Bravo is missing authentication for the cloud service and allows querying or sending of GPS data from unauthenticated users

Unauthenticated access to the cloud-based service maintained by TrackR Bravo is allowed for querying or sending GPS data for any Trackr device by using the tracker ID number which can be discovered as described in CVE-2016-6539. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been...

6.5AI score0.0091EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2018/06/26 3:14 p.m.38 views

Simple Security Flaws Could Steer Ships Off Course

A proof-of-concept attack could cause ships to dangerously veer off course, and it all stems from simple security issues, including the failure to change default passwords or segment networks. Researcher Ken Munro, with Pen Test Partners, on Monday showed how the attack could work and how it’s...

7.5CVSS9.8AI score0.19856EPSS
Exploits4References4
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/06/25 10:0 a.m.272 views

Hacking Serial Networks on Ships

Three different ways to intercept and modify serial data on ship networks. The serial data that controls steering, engine control and so much more on board ship… How-to Vessels typically have two distinct networks on board; one IP/ethernet network for business systems, crew mail & web browsing an...

7.5CVSS1.4AI score0.19856EPSS
Exploits4
CNVD
CNVD
added 2017/09/04 12:0 a.m.4 views

Milwaukee ONE-KEY Android mobile application trust management vulnerability

Milwaukee ONE-KEY Android mobile application is an automation tool control program based on the Android platform from Milwaukee Tool. A security vulnerability exists in the Milwaukee ONE-KEY Android mobile application, which originates from the program storing the master token in plaintext in the...

7.5CVSS7.5AI score0.00625EPSS
Exploits0References1
NVD
NVD
added 2017/03/27 9:59 p.m.12 views

CVE-2017-5239

Due to a lack of standard encryption when transmitting sensitive information over the internet to a centralized monitoring service, the Eview EV-07S GPS Tracker discloses personally identifying information, such as GPS data and IMEI numbers, to any man-in-the-middle MitM listener...

7.5CVSS7.3AI score0.00485EPSS
Exploits0References2
CNVD
CNVD
added 2016/10/28 12:0 a.m.2 views

iTrack Easy Device Tracking Vulnerability

The iTrack Easy is a versatile Bluetooth device. The iTrack EasyMAC/device ID can be registered for use by multiple users, allowing a remote attacker to exploit the vulnerability by submitting a special request to access getgps GPS data to track the device...

5.9CVSS7.1AI score0.02159EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2016/03/01 12:1 a.m.19 views

Connected Cars' Cybersecurity Falls Short

As automakers rush to market connected cars to feed drivers hungry for collision avoidance systems and self-parking features, security experts are urging the industry to pump its brakes and prioritize the their cars’ cyber defenses. In a report released Tuesday by IDC and the security firm...

0.3AI score
Exploits0References3
ThreatPost
ThreatPost
added 2016/02/25 3:7 p.m.20 views

Nissan Car Hack Allowed Remote Access To Car

Automaker Nissan deactivated a remote access feature that let owners of its Leaf electric car remotely adjust climate controls and check battery status via a smartphone app. The move comes after a security researcher posted his finding regarding a simple hack that allowed anyone with the right Le...

0.3AI score
Exploits0References3
Fedora
Fedora
added 2013/05/29 3:2 a.m.33 views

[SECURITY] Fedora 19 Update: gypsy-0.9-1.fc19

Gypsy is a GPS multiplexing daemon which allows multiple clients to access GPS data from multiple GPS sources concurrently...

2.1CVSS6.4AI score0.00477EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2013/05/09 12:0 a.m.36 views

Ubuntu 12.04 LTS : gpsd vulnerability (USN-1820-1)

It was discovered that gpsd incorrectly handled certain malformed GPS data. An attacker could use this issue to cause gpsd to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from...

4.3CVSS6AI score0.0415EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2013/05/08 6:23 p.m.51 views

USN-1820-1: gpsd vulnerability

It was discovered that gpsd incorrectly handled certain malformed GPS data. An attacker could use this issue to cause gpsd to crash, resulting in a denial of service, or possibly execute arbitrary code...

4.3CVSS5.8AI score0.0415EPSS
Exploits1
ThreatPost
ThreatPost
added 2011/07/18 6:18 p.m.8 views

Google+ Knows Where You Live!

Much like geolocation services Foursquare, Gowalla and Facebook, Google+ is counting on your desire to share what you’re doing wherever you are. Accordingly, Google+ allows you to geotag content, such as photos, that you upload. This is a great feature. But, as Threatpost has reported, geolocatio...

1.4AI score
Exploits0References1
Fedora
Fedora
added 2011/04/21 10:30 p.m.22 views

[SECURITY] Fedora 14 Update: gipfel-0.3.2-7.fc14

gipfel is a tool to find the names of mountains or points of interest on a picture. It uses a database containing names and GPS data. With the given viewpoint the point from which the picture was taken and two known mountains on the picture, it can compute all parameters needed to compute the...

4.3CVSS2.7AI score0.02673EPSS
Exploits2
securityvulns
securityvulns
added 2005/01/26 12:0 a.m.25 views

[Full-Disclosure] DMA[2005-0125a] - 'berlios gpsd format string vulnerability'

DMA2005-0125a - 'berlios gpsd remake of pygps format string vulnerability' Author: Kevin Finisterre Vendor: http://gpsd.berlios.de, http://www.pygps.org Product: 'gpsd' References: http://www.digitalmunition.com/DMA2005-0125a.txt Description: gpsd is a service daemon that monitors a GPS attached ...

0.1AI score
Exploits0
Rows per page
Query Builder