EUVD-2026-33368

The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing pairing authentication or authorization. This allows attackers within BLE range to perform unauthorized control of device functions, including starting/stopping activities,...

EUVD-2014-5572

Malware in sbrugna...

EUVD-2023-51080

Malicious code in bioql PyPI...

Maxima Max Pro Power - BLE Traffic Replay (Unauthenticated)

Exploit Title: Maxima Max Pro Power - BLE Traffic Replay Unauthenticated Date: 13-Nov-2023 Exploit Author: Alok kumar [email protected], Cyberpwn Technologies Pvt. Ltd. Vendor Homepage: https://www.maximawatches.com Product Link: https://www.maximawatches.com/products/max-pro-power Firmware...

CVE-2023-46916

Maxima Max Pro Power 1.0 486A devices allow BLE traffic replay. An attacker can use GATT characteristic handle 0x0012 to perform potentially disruptive actions such as starting a Heart Rate monitor...

CVE-2023-46916

Maxima Max Pro Power 1.0 486A devices allow BLE traffic replay. An attacker can use GATT characteristic handle 0x0012 to perform potentially disruptive actions such as starting a Heart Rate monitor...

CVE-2023-46916

Maxima Max Pro Power 1.0 486A devices allow BLE traffic replay. An attacker can use GATT characteristic handle 0x0012 to perform potentially disruptive actions such as starting a Heart Rate monitor...

Design/Logic Flaw

Maxima Max Pro Power 1.0 486A devices allow BLE traffic replay. An attacker can use GATT characteristic handle 0x0012 to perform potentially disruptive actions such as starting a Heart Rate monitor...

CVE-2023-46916

Maxima Max Pro Power 1.0 486A devices allow BLE traffic replay. An attacker can use GATT characteristic handle 0x0012 to perform potentially disruptive actions such as starting a Heart Rate monitor...

Maxima Max Pro Power Security Vulnerability

The Maxima Max Pro Power is a smartwatch from Maxima. A security vulnerability exists in Maxima Max Pro Power 1.0 486A, which originates from allowing BLE traffic replay, and can be exploited by an attacker to perform destructive actions, such as activating the heart rate monitor, using GATT...

CVE-2023-46916

Maxima Max Pro Power 1.0 486A devices allow BLE traffic replay. An attacker can use GATT characteristic handle 0x0012 to perform potentially disruptive actions such as starting a Heart Rate monitor...

CVE-2023-46916

CVE-2023-46916 affects Maxima Max Pro Power 1.0 486A watches. The BLE threat is a replay at GATT handle 0x0012, enabling unauthorized actions such as starting/changing the heart‑rate monitor and related display/notification changes. Public exploit notes describe unauthenticated access demonstrati...

PT-2023-30260 · Unknown · Maxima Max Pro Power

Name of the Vulnerable Software and Affected Versions: Maxima Max Pro Power version 1.0 486A Description: The issue allows BLE traffic replay, enabling an attacker to perform potentially disruptive actions. This can be achieved by using the GATT characteristic handle 0x0012, for example, to start...

Talitrix Prison-Monitoring System Tracks Inmates Down to Their Heart Rate

Documents WIRED obtained detail new prison-monitoring technology that keeps tabs on inmates' location, heartbeats, and more...

CVE-2016-11030

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 with Hrm sensor support software. The sysfs of the MAX86902 sensor driver does not prevent concurrent access, leading to a race condition and resultant heap-based buffer overflow. The Samsung ID is SVE-2016-7341...

Apple Watch saves one more life by notifying user about his unusual heart rate

By Waqas Who doesn't like elegant watches, especially those who can literally save your life like the Apple Watch, right? Last time when we talked about Apple Watch, it was related to a 62-year-old man who felt sick at work and decided not to bother his colleagues but when his Apple Watch's Healt...

Gang Up on the Problem, Not Each Other

Threatpost Op-Ed is a regular feature where experts contribute essays and commentary on what’s happening in security and privacy. Today’s contributor is Katherine Carpenter. The imaginary world in which an artificial intelligence can kill a person by adjusting the insulin from his pump to a deadl...

Heart Rate Monitor (Instant) - Possible privilege escalation, Runtime command execution, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application Heart Rate Monitor Instant published at the 'play' market has multiple vulnerabilities...

Runtastic Heart Rate Monitor - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Runtastic Heart Rate Monitor published at the 'play' market has multiple vulnerabilities...

Unique Heart Rate Monitor - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Unique Heart Rate Monitor published at the 'play' market has multiple vulnerabilities...