VYPR

Pebble

by Pebble

CVEs (4)

  • CVE-2016-10702MedNov 28, 2017
    risk 0.40cvss 6.1epss 0.01

    Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an arbitrary application's JavaScript instance, by modifying a UUID value within the header of a crafted application binary.

  • CVE-2012-4022Nov 8, 2012
    risk 0.00cvss epss 0.02

    Pebble before 2.6.4 allows remote attackers to trigger loss of blog-entry viewability via a crafted comment.

  • CVE-2009-0736Feb 25, 2009
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2006-5168Oct 10, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the search functionality in Simon Brown Pebble 2.0.0 RC1 and RC2 allows remote attackers to inject arbitrary web script or HTML via the query string.