flocksafety 漏洞與 CVE 列表(15)

產品(CPE): — CVE 數: 15

flocksafety 漏洞概覽

彙總 flocksafety 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

歷史漏洞主要涉及 路徑處理缺陷與拒絕服務 等問題,部分漏洞可能導致 檔案覆寫,並影響 軟體部署與生產負載 相關場景。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 11515 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2025-59409 Flock Safety Falcon and Sparrow License Plate Readers OPM1.171019.026 ship with development Wi-Fi credentials (test_flck) stored in cleartext in production firmware. [email protected] 7.5 0.28% 2025-10-02 2026-06-17
CVE-2025-59407 The Flock Safety DetectionProcessing com.flocksafety.android.objects application 6.35.33 for Android (installed on Falcon and Sparrow License Plate Readers and Bravo Edge AI Compute Devices) bundles a Java Keystore (flock_rye.bks) along with its hardcoded password (flockhibiki17) in its code. The keystore contains a private key. [email protected] 9.8 0.51% 2025-10-02 2026-06-17
CVE-2025-59406 The Flock Safety Pisco com.flocksafety.android.pisco application 6.21.11 for Android (installed on Falcon and Sparrow License Plate Readers and Bravo Edge AI Compute Devices) has a cleartext Auth0 client secret in its codebase. Because application binaries can be trivially decompiled or inspected, attackers can recover this OAuth secret without special privileges. This secret is intended to remain confidential and should never be embedded directly in client-side software. [email protected] 6.2 0.15% 2025-10-02 2026-06-17
CVE-2025-59405 The Flock Safety Peripheral com.flocksafety.android.peripheral application 7.38.3 for Android (installed on Falcon and Sparrow License Plate Readers and Bravo Edge AI Compute Devices) contains a cleartext DataDog API key within in its codebase. Because application binaries can be trivially decompiled or inspected, attackers can recover the OAuth secret without special privileges. This secret is intended to remain confidential and should never be embedded directly in client-side software. [email protected] 7.5 0.43% 2025-10-02 2026-06-17
CVE-2025-59403 The Flock Safety Android Collins application (aka com.flocksafety.android.collins) 6.35.31 for Android lacks authentication. It is responsible for the camera feed on Falcon, Sparrow, and Bravo devices, but exposes administrative API endpoints on port 8080 without authentication. Endpoints include but are not limited to: /reboot, /logs, /crashpack, and /adb/enable. This results in multiple impacts including denial of service (DoS) via /reboot, information disclosure via /logs, and remote code exe [email protected] 9.8 1.02% 2025-10-02 2026-06-17
CVE-2025-59408 Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 ships with Secure Boot disabled. This allows an attacker to flash modified firmware with no cryptographic protections. [email protected] 7.3 0.23% 2025-09-25 2026-06-17
CVE-2025-59404 Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 ships with its bootloader unlocked. This permits bypass of Android Verified Boot (AVB) and allows direct modification of partitions. [email protected] 7.5 0.39% 2025-09-25 2026-06-17
CVE-2025-59402 Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 accepts the default Thundercomm TurboX 6490 Firehose loader in EDL/QDL mode. This enables attackers with physical access to flash arbitrary firmware, dump partitions, and bypass bootloader and OS security controls. [email protected] 5.4 0.21% 2025-09-25 2026-06-17
CVE-2025-47824 Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have cleartext storage of code. [email protected] 2.0 0.05% 2025-06-26 2026-06-17
CVE-2025-47823 Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have a hardcoded password for a system. [email protected] 2.2 0.18% 2025-06-26 2026-06-17
CVE-2025-47822 Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have an on-chip debug interface with improper access control. [email protected] 6.4 0.21% 2025-06-26 2026-06-17
CVE-2025-47821 Flock Safety Gunshot Detection devices before 1.3 have a hardcoded password for a system. [email protected] 2.2 0.18% 2025-06-26 2026-06-17
CVE-2025-47820 Flock Safety Gunshot Detection devices before 1.3 have cleartext storage of code. [email protected] 2.0 0.05% 2025-06-26 2026-06-17
CVE-2025-47819 Flock Safety Gunshot Detection devices before 1.3 have an on-chip debug interface with improper access control. [email protected] 6.4 0.22% 2025-06-26 2026-06-17
CVE-2025-47818 Flock Safety Gunshot Detection devices before 1.3 have a hard-coded password for a connection. [email protected] 2.2 0.19% 2025-06-26 2026-06-17
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence