100 matches found
CVE-2024-23706
In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-23706
In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-23706
In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-23706
In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-23706
CVE-2024-23706 affects Google Android via health data permissions bypass in the HealthFitness pathway, caused by improper input validation. The result is local escalation of privilege with no additional execution privileges required and no user interaction needed. Affected context appears in Andr...
PT-2024-20022 · Google · Android 14
Name of the Vulnerable Software and Affected Versions: Android 14 Description: The issue is related to an improper input validation that could lead to a bypass of health data permissions. This could result in a local escalation of privilege with no additional execution privileges needed. User...
ASB-A-328068777
In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
OESA-2024-1052 netdata security update
netdata is the fastest way to visualize metrics. It is a resource efficient, highly optimized system for collecting and visualizing any type of realtime time-series data, from CPU usage, disk activity, SQL queries, API calls, web site visitors, etc. netdata tries to visualize the truth of now, in...
How to comply with HIPAA requirements
Understanding the Grounds of HIPAA Let's take a deep dive into understanding the broad structure and intent behind the Act for the Secure Management and Duty of Patient Data ASMDPD, a landmark piece of legislation that has deeply transformed the healthcare sector since its inception at the turn o...
CVE-2023-4164
There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed...
Information disclosure
There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed...
CVE-2023-4164 There is a possible information disclosure due to a missing permission check in Pixel Watch
There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed...
CVE-2023-4164 There is a possible information disclosure due to a missing permission check in Pixel Watch
There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed...
CVE-2023-4164
CVE-2023-4164 affects Google Pixel Watch. It describes a local information-disclosure vulnerability caused by a missing permission check that could expose health data without extra privileges. Public details confirm the issue but do not provide exploit specifics. Impact is focused on confidential...
23andMe says, er, actually some genetic and health data might have been accessed in recent breach
In October we reported that the data of as many as seven million 23andMe customers were for sale on criminal forums following a password attack against the genomics company. Now, a filing with the US Securities and Exchange Commission SEC has provided some more insight into the data theft. The...
Cigna Health Data Leak: 17 Billion Records Exposed
By Habiba Rashid The database contained over 17 billion records, which is equivalent to about 6.35 terabytes of data. This is a post from HackRead.com Read the original post: Cigna Health Data Leak: 17 Billion Records Exposed...
CVE-2022-47376
The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password after the installation. No patient health data is stored in the database, although some site installations may choose to store personal data...
Default credentials
The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password after the installation. No patient health data is stored in the database, although some site installations may choose to store personal data...
Remote Code Execution (RCE)
netdata is vulnerable to Remote Code Execution RCE. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent when an alert is triggered. This can be done by providing a specially crafted registryhostname as part of the health da...
SUSE CVE-2023-22496
Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...