55 matches found
CVE-2023-46916
CVE-2023-46916 affects Maxima Max Pro Power 1.0 486A watches. The BLE threat is a replay at GATT handle 0x0012, enabling unauthorized actions such as starting/changing the heart‑rate monitor and related display/notification changes. Public exploit notes describe unauthenticated access demonstrati...
Maxima Max Pro Power 1.0 486A BLE Traffic Replay
Exploit Title: Maxima Max Pro Power - BLE Traffic Replay Unauthenticated Date: 13-Nov-2023 Exploit Author: Alok kumar [email protected], Cyberpwn Technologies Pvt. Ltd. Vendor Homepage: https://www.maximawatches.com Product Link: https://www.maximawatches.com/products/max-pro-power Firmware...
CVE-2021-35953
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows a Remote attacker to cause a Denial of Service device outage via crafted choices of the last three bytes of a characteristic value...
PT-2022-10480 · Unknown · Fastrack Reflex 2.0
Name of the Vulnerable Software and Affected Versions: fastrack Reflex 2.0 W307S REFLEX v90.89 Activity Tracker Description: The issue allows a remote attacker to cause a Denial of Service, resulting in a device outage. This can be achieved via crafted choices of the last three bytes of a...
CVE-2021-35953
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows a Remote attacker to cause a Denial of Service device outage via crafted choices of the last three bytes of a characteristic value...
CVE-2021-24519
The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the 'Text Next to Icon' field when adding or editing a Characteristic, allowing high privilege users such as admin to use XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue...
Vik Rent Car < 1.1.10 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin does not sanitise the 'Text Next to Icon' field when adding or editing a Characteristic, allowing high privilege users such as admin to use XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue PoC Add or Edit a Characteristic...
Buffer overflow
Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through 4.0.1 has a Buffer Overflow in BluFi provisioning in btcblufirecvhandler function in blufiprf.c. An attacker can send a crafted BluFi protocol Write Attribute command to...
CVE-2020-12857
Caching of GATT characteristic values TempID in COVIDSafe v1.0.15 and v1.0.16 allows a remote attacker to long-term re-identify an Android device running COVIDSafe...
CVE-2020-12857
CVE-2020-12857 concerns the COVIDSafe Android app, where caching of GATT characteristic values (TempID) in versions 1.0.15 and 1.0.16 allows a remote attacker to long-term re-identify an affected device. The Red Hat, NVD and CVE listings align on the impact: exposure of re-identification risk due...
CVE-2020-12857
Caching of GATT characteristic values TempID in COVIDSafe v1.0.15 and v1.0.16 allows a remote attacker to long-term re-identify an Android device running COVIDSafe...
ABB 1SVR427031R2000 CP-E 48 1.25 Power Supply Detection
Binary data 756479.prm...
ABB 1SVR427032R0000 CP-E 24 2.5 Power Supply Detection
Binary data 756480.prm...
identYwaf - Blind WAF Identification Tool
identYwaf is an identification tool that can recognize web protection type i.e. WAF based on blind inference. Blind inference is being done by inspecting responses provoked by a set of predefined offensive non-destructive payloads, where those are used only to trigger the web protection system in...
CVE-2017-17435
An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An attacker can remotely unlock any safe in this product line without a valid PIN code. Even though the phone application requires it and there is a field to supply the PIN code in an authorization request,...