Vendor
DarioHealth
Products
2
CVEs
4
Across products
4
Status
Private
Products
2- 4 CVEs
- 0 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-20060 | Hig | 0.49 | 7.5 | 0.00 | Feb 28, 2025 | An attacker could expose cross-user personal identifiable information (PII) and personal health information transmitted to the Android device via the Dario Health application database. | ||
| CVE-2025-24318 | Med | 0.44 | 6.8 | 0.00 | Feb 28, 2025 | Cookie policy is observable via built-in browser tools. In the presence of XSS, this could lead to full session compromise. | ||
| CVE-2025-24316 | Med | 0.34 | 5.3 | 0.00 | Feb 28, 2025 | The Dario Health Internet-based server infrastructure is vulnerable due to exposure of development environment details, which could lead to unsafe functionality. | ||
| CVE-2025-24843 | Med | 0.33 | 5.1 | 0.00 | Feb 28, 2025 | Insecure file retrieval process that facilitates potential for file manipulation to affect product stability and confidentiality, integrity, authenticity, and attestation of stored data. |
- risk 0.49cvss 7.5epss 0.00
An attacker could expose cross-user personal identifiable information (PII) and personal health information transmitted to the Android device via the Dario Health application database.
- risk 0.44cvss 6.8epss 0.00
Cookie policy is observable via built-in browser tools. In the presence of XSS, this could lead to full session compromise.
- risk 0.34cvss 5.3epss 0.00
The Dario Health Internet-based server infrastructure is vulnerable due to exposure of development environment details, which could lead to unsafe functionality.
- risk 0.33cvss 5.1epss 0.00
Insecure file retrieval process that facilitates potential for file manipulation to affect product stability and confidentiality, integrity, authenticity, and attestation of stored data.