Lucene search
+L

28 matches found

vulnrichment
vulnrichment
added 2022/12/26 12:0 a.m.8 views

CVE-2021-35954

fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows physically proximate attackers to dump the firmware, flash custom malicious firmware, and brick the device via the Serial Wire Debug SWD feature...

6.9AI score0.00325EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2022/12/26 12:0 a.m.9 views

PT-2022-10478 · Unknown · Fastrack Reflex 2.0

Name of the Vulnerable Software and Affected Versions: fastrack Reflex 2.0 W307S REFLEX v90.89 Activity Tracker Description: The issue allows an unauthenticated remote attacker to send a malicious firmware update via Bluetooth Low Energy BLE and potentially brick the device. Recommendations: For...

7.5CVSS7.6AI score0.00891EPSS
Exploits0References4
cnnvd
cnnvd
added 2022/07/01 12:0 a.m.6 views

Thinkst Canarytokens 跨站脚本漏洞

Thinkst Canarytokens is a web activity tracking system. Thinkst Canarytokens suffers from a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute Javascript code...

6.3CVSS6.1AI score0.0054EPSS
Exploits0References3
ossf
ossf
added 2022/06/13 5:49 a.m.4 views

Malicious code in gd-activity-tracker (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware be919ac20b6023e27b37ab04354acc2fe0d76aadf72ab3ccea2dafed5df390a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
osv
osv
added 2022/06/13 5:49 a.m.9 views

MAL-2022-3301 Malicious code in gd-activity-tracker (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware be919ac20b6023e27b37ab04354acc2fe0d76aadf72ab3ccea2dafed5df390a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
prion
prion
added 2019/07/15 1:15 p.m.12 views

Design/Logic Flaw

On Fitbit activity-tracker devices, certain addresses never change. According to the popets-2019-0036.pdf document, this leads to "permanent trackability" and "considerable privacy concerns" without a user-accessible anonymization feature. The devices, such as Charge 2, transmit Bluetooth Low...

3.3CVSS7.2AI score0.00637EPSS
Exploits0References2
cve
cve
added 2019/07/15 12:47 p.m.44 views

CVE-2014-10374

CVE-2014-10374 concerns Fitbit activity-tracker devices where BLE advertising uses a TxAdd flag for random addresses, but the addresses remain constant. This leads to “permanent trackability” and privacy concerns when a device is sniffed at multiple fixed locations, enabling an adversary to tell ...

6.5CVSS6.5AI score0.00637EPSS
Exploits0References2Affected Software1
hackapp
hackapp
added 2016/04/01 9:4 a.m.13 views

Samsung Activity Tracker - Dangerous filesystem permissions, Exported ContentProvider, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application Samsung Activity Tracker published at the 'play' market has multiple vulnerabilities...

0.4AI score
Exploits0References1Affected Software1
Rows per page
Query Builder