Pebble
by Pebble
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-10702 | Med | 0.40 | 6.1 | 0.01 | Nov 28, 2017 | Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an arbitrary application's JavaScript instance, by modifying a UUID value within the header of a crafted application binary. | ||
| CVE-2012-4022 | 0.00 | — | 0.02 | Nov 8, 2012 | Pebble before 2.6.4 allows remote attackers to trigger loss of blog-entry viewability via a crafted comment. | |||
| CVE-2009-0736 | 0.00 | — | 0.01 | Feb 25, 2009 | Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2006-5168 | 0.00 | — | 0.01 | Oct 10, 2006 | Cross-site scripting (XSS) vulnerability in the search functionality in Simon Brown Pebble 2.0.0 RC1 and RC2 allows remote attackers to inject arbitrary web script or HTML via the query string. |
- risk 0.40cvss 6.1epss 0.01
Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an arbitrary application's JavaScript instance, by modifying a UUID value within the header of a crafted application binary.
- CVE-2012-4022Nov 8, 2012risk 0.00cvss —epss 0.02
Pebble before 2.6.4 allows remote attackers to trigger loss of blog-entry viewability via a crafted comment.
- CVE-2009-0736Feb 25, 2009risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2006-5168Oct 10, 2006risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the search functionality in Simon Brown Pebble 2.0.0 RC1 and RC2 allows remote attackers to inject arbitrary web script or HTML via the query string.