Lucene search
K

100 matches found

NVD
NVD
added 2024/05/07 9:15 p.m.23 views

CVE-2024-23706

In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS6.8AI score0.00105EPSS
Exploits0References2
OSV
OSV
added 2024/05/07 9:15 p.m.5 views

CVE-2024-23706

In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00105EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/07 9:3 p.m.22 views

CVE-2024-23706

In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.1AI score0.00105EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/07 9:3 p.m.23 views

CVE-2024-23706

In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.5AI score0.00105EPSS
Exploits0References2
CVE
CVE
added 2024/05/07 9:3 p.m.1450 views

CVE-2024-23706

CVE-2024-23706 affects Google Android via health data permissions bypass in the HealthFitness pathway, caused by improper input validation. The result is local escalation of privilege with no additional execution privileges required and no user interaction needed. Affected context appears in Andr...

7.8CVSS7AI score0.00105EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/06 12:0 a.m.7 views

PT-2024-20022 · Google · Android 14

Name of the Vulnerable Software and Affected Versions: Android 14 Description: The issue is related to an improper input validation that could lead to a bypass of health data permissions. This could result in a local escalation of privilege with no additional execution privileges needed. User...

7.8CVSS7.1AI score0.00105EPSS
Exploits0References10
OSV
OSV
added 2024/05/01 12:0 a.m.24 views

ASB-A-328068777

In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.00105EPSS
Exploits0References2
OSV
OSV
added 2024/01/12 11:6 a.m.3 views

OESA-2024-1052 netdata security update

netdata is the fastest way to visualize metrics. It is a resource efficient, highly optimized system for collecting and visualizing any type of realtime time-series data, from CPU usage, disk activity, SQL queries, API calls, web site visitors, etc. netdata tries to visualize the truth of now, in...

9.8CVSS8.4AI score0.36171EPSS
Exploits3References3
Wallarm Lab
Wallarm Lab
added 2024/01/04 10:58 a.m.21 views

How to comply with HIPAA requirements

Understanding the Grounds of HIPAA Let's take a deep dive into understanding the broad structure and intent behind the Act for the Secure Management and Duty of Patient Data ASMDPD, a landmark piece of legislation that has deeply transformed the healthcare sector since its inception at the turn o...

7.6AI score
Exploits0
NVD
NVD
added 2024/01/02 10:15 p.m.25 views

CVE-2023-4164

There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed...

8.4CVSS8.2AI score0.00084EPSS
Exploits0References1
Prion
Prion
added 2024/01/02 10:15 p.m.20 views

Information disclosure

There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed...

1.7CVSS6.9AI score0.00084EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/02 9:20 p.m.17 views

CVE-2023-4164 There is a possible information disclosure due to a missing permission check in Pixel Watch

There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed...

8.4CVSS6.7AI score0.00084EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/02 9:20 p.m.25 views

CVE-2023-4164 There is a possible information disclosure due to a missing permission check in Pixel Watch

There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed...

8.4CVSS8.9AI score0.00084EPSS
Exploits0References1
CVE
CVE
added 2024/01/02 9:20 p.m.50 views

CVE-2023-4164

CVE-2023-4164 affects Google Pixel Watch. It describes a local information-disclosure vulnerability caused by a missing permission check that could expose health data without extra privileges. Public details confirm the issue but do not provide exploit specifics. Impact is focused on confidential...

8.4CVSS5.4AI score0.00084EPSS
Exploits0References1Affected Software1
Malwarebytes
Malwarebytes
added 2023/12/04 10:6 p.m.11 views

23andMe says, er, actually some genetic and health data might have been accessed in recent breach

In October we reported that the data of as many as seven million 23andMe customers were for sale on criminal forums following a password attack against the genomics company. Now, a filing with the US Securities and Exchange Commission SEC has provided some more insight into the data theft. The...

7AI score
Exploits0
HackRead
HackRead
added 2023/08/31 10:56 p.m.108 views

Cigna Health Data Leak: 17 Billion Records Exposed

By Habiba Rashid The database contained over 17 billion records, which is equivalent to about 6.35 terabytes of data. This is a post from HackRead.com Read the original post: Cigna Health Data Leak: 17 Billion Records Exposed...

6.9AI score
Exploits0
NVD
NVD
added 2023/06/13 8:15 p.m.29 views

CVE-2022-47376

The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password after the installation. No patient health data is stored in the database, although some site installations may choose to store personal data...

7.3CVSS7.1AI score0.00162EPSS
Exploits0References1
Prion
Prion
added 2023/06/13 8:15 p.m.17 views

Default credentials

The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password after the installation. No patient health data is stored in the database, although some site installations may choose to store personal data...

4.3CVSS7AI score0.00162EPSS
Exploits0References1Affected Software1
Veracode
Veracode
added 2023/03/12 4:41 a.m.379 views

Remote Code Execution (RCE)

netdata is vulnerable to Remote Code Execution RCE. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent when an alert is triggered. This can be done by providing a specially crafted registryhostname as part of the health da...

9.8CVSS9.6AI score0.36171EPSS
Exploits2References2Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:21 a.m.3 views

SUSE CVE-2023-22496

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...

9.8CVSS9.3AI score0.36171EPSS
Exploits2References3
Rows per page
Query Builder