ArborSide is a medical marijuana provisioning center located in Ann Arbor, MI. We provide safe access to a wide variety of cannabis products to medical marijuana patients.
Anytime Fitness is the healthiest franchise opportunity on the planet. As the fastest-growing fitness franchise in the world, Anytime Fitness helps more than three million members in more than three thousand gyms around the globe get to a healthier place. Recently honored as the world’s “Top Global Franchise” by Entrepreneur magazine, Anytime Fitness offers entrepreneurs a convenient and affordable recurring-revenue business model. Franchisees enjoy the luxury of being their own boss, and are given the resources and support to achieve a healthy work/life balance. Anytime Fitness is the perfect fit for entrepreneurs seeking the opportunity to run a business that has the potential to make a profound difference in people’s lives. Entrepreneur Magazine • Top 500 Franchises — 1st • Top Fitness Franchises — 1st • Fastest Growing Franchises — 10th • Top Global Franchises — 10th • Top Franchise for Military Veterans — 4th Forbes • America's Most Promising Companies — 14th • Top 20 Franchises for the Buck — 18th • #9 Best Franchises in America USA Today • Top 50 Franchises for Minorities • Top 50 Franchises for Veterans CNN Money • Top 10 Great Franchise Bets Franchise Times Magazine • #6 Fast and Serious List Club Business International | Magazine • Fastest-Growing Fitness Club in the World • #1 Fitness Franchise in the World • #4 Number of Members • #2 Revenues Star Tribune • Top Workplaces | 2011, 2012, 2013 Minnesota Business Magazine • Best Large Company to Work | 2012, 2013, 2014 G.I. Jobs • Top Military Friendly Franchise | 2010, 2011, 2012, 2013 & 2014 National Minority Franchising Initiative • Top 50 Franchises for Minorities | 2011, 2012, 2013 & 2014 IHRSA - International Health, Racquet and Sportsclub Association • Fastest Growing Fitness Club in the World WorldFranchising.com • Top 25 Franchises for Hispanics FranchiseChatter.com • #1 Best Franchise Business Model
Security & Compliance Standards Overview
No incidents recorded for ArborSide Compassion in 2025.
No incidents recorded for Anytime Fitness in 2025.
ArborSide Compassion cyber incidents detection timeline including parent company and subsidiaries
Anytime Fitness cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update mechanisms, affected systems should be physically protected or retired from service. The vendor has not indicated that firmware updates are available for this legacy model.
Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboot. This weakness allows long-term firmware tampering that survives power cycles. The vendor indicates that more recent firmware updates strengthen update-chain integrity and disable physical update ports to mitigate related attack avenues.
Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with access to the update interface - typically via the unit's USB update port - can craft or modify firmware packages to execute arbitrary code as root, allowing persistent compromise of the device's integrity and deck randomization process. Physical or on-premises access remains the most likely attack path, though network-exposed or telemetry-enabled deployments could theoretically allow remote exploitation if misconfigured. The vendor confirmed that firmware updates have been issued to correct these update-chain weaknesses and that USB update access has been disabled on affected units.
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/fips/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCFB.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeEngine.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCBC.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeGCMSIV.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCCM.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/engines/AESNativeCTR.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA256NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA224NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA3NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHAKENativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA512NativeDigest.Java, core/src/main/jdk1.9/org/bouncycastle/crypto/digests/SHA384NativeDigest.Java. This issue affects Bouncy Castle for Java FIPS: from 2.1.0 through 2.1.1; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.
Wasmtime is a runtime for WebAssembly. In versions from 38.0.0 to before 38.0.3, the implementation of component-model related host-to-wasm trampolines in Wasmtime contained a bug where it's possible to carefully craft a component, which when called in a specific way, would crash the host with a segfault or assert failure. Wasmtime 38.0.3 has been released and is patched to fix this issue. There are no workarounds.
