Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Prion
Prionadded 2021/10/25 11:15 a.m.7 views

Design/Logic Flaw

Incorrect calculation of buffer size vulnerability in Peleton TTR01 up to and including PTV55G allows a remote attacker to trigger a Denial of Service attack through the GymKit daemon process by exploiting a heap overflow in the network server handling the Apple GymKit communication. This can lea...

5CVSS5.3AI score0.00813EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2021/10/25 10:41 a.m.11 views

CVE-2021-40526

Incorrect calculation of buffer size vulnerability in Peleton TTR01 up to and including PTV55G allows a remote attacker to trigger a Denial of Service attack through the GymKit daemon process by exploiting a heap overflow in the network server handling the Apple GymKit communication. This can lea...

4.8CVSS5.5AI score0.00813EPSS
Exploits0References1
CVE
CVEadded 2021/10/25 10:41 a.m.29 views

CVE-2021-40526

CVE-2021-40526 describes an incorrect calculation of buffer size in Peleton TTR01 (including PTV55G), enabling a remote attacker to trigger a Denial of Service via a heap overflow in the GymKit-related network server. Impact stated: Apple MFI devices may fail to authenticate with the Peleton Bike...

5.3CVSS5.2AI score0.00813EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2021/06/15 8:15 p.m.1 views

CVE-2021-33887

Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows an attacker with physical access to boot into a modified kernel/ramdisk without unlocking the bootloader...

6.8CVSS6.6AI score0.00027EPSS
Exploits1References3
Prion
Prionadded 2021/06/15 8:15 p.m.16 views

Authorization

Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows an attacker with physical access to boot into a modified kernel/ramdisk without unlocking the bootloader...

7.2CVSS6.4AI score0.00027EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2021/06/15 6:45 p.m.49 views

CVE-2021-33887

The CVE-2021-33887 issue affects Peloton TTR01 devices up to model PTV55G, where insufficient verification of data authenticity enables a physical attacker to boot into a modified kernel/ramdisk without unlocking the bootloader. Root cause: lack of integrity checks on boot data allows unauthorize...

7.2CVSS6.3AI score0.00027EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2021/06/15 6:45 p.m.11 views

CVE-2021-33887

Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows an attacker with physical access to boot into a modified kernel/ramdisk without unlocking the bootloader...

6.6AI score0.00027EPSS
Exploits1References3
CNNVD
CNNVDadded 2021/06/15 12:0 a.m.1 views

Peloton TTR01 数据伪造问题漏洞

The Peloton TTR01 is a wireless device. A data forgery vulnerability exists in the Peloton TTR01, which arises from insufficient validation of data authenticity and can be exploited by an attacker with physical access to boot into a modified kernel ramdisk without unlocking the bootloader.The...

7.2CVSS6.6AI score0.00027EPSS
Exploits1References3
Rows per page
Query Builder