Ecofleet Mobile - BSD license, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Ecofleet Mobile published at the 'play' market has multiple vulnerabilities...

Buffer Overflow in BSD libc Library Patched

The BSD libc library was updated recently to address a buffer overflow vulnerability that could have allowed an attacker to execute arbitrary code. The library is part of the POSIX library, which is used in BSD operating systems, like FreeBSD, NetBSD, OpenBSD. The libc library is also used in...

BSD libc contains a buffer overflow vulnerability in link_ntoa()

Overview The BSD libc library's linkntoa function may be vulnerable to a classic buffer overflow. It is currently unclear if this issue is exploitable. Description CWE-120: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' - CVE-2016-6559Improper bounds checking of the obuf...

Bärndütsch (Schweizerdeutsch) - BSD license, Dangerous filesystem permissions, LGPL license vulnerabilities

HackApp vulnerability scanner discovered that application Bärndütsch Schweizerdeutsch published at the 'play' market has multiple vulnerabilities...

Flickr - BSD license, Customized SSL, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Flickr published at the 'play' market has multiple vulnerabilities...

Zebpay Bitcoin Wallet India - Apache license, BSD license, Customized SSL vulnerabilities

HackApp vulnerability scanner discovered that application Zebpay Bitcoin Wallet India published at the 'play' market has multiple vulnerabilities...

Lawphin Book: Law Library - BSD license, Customized SSL, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Lawphin Book: Law Library published at the 'play' market has multiple vulnerabilities...

Fashion City 2 - BSD license, Base64 encoded String, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Fashion City 2 published at the 'play' market has multiple vulnerabilities...

Nexia - BSD license, Customized SSL, GPL license vulnerabilities

HackApp vulnerability scanner discovered that application Nexia published at the 'play' market has multiple vulnerabilities...

Zadarma SIP - BSD license, Exported ContentProvider, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Zadarma SIP published at the 'play' market has multiple vulnerabilities...

Bassmaster 1.5.1 - Batch Arbitrary JavaScript Injection Remote Code Execution (Metasploit)

require 'msf/core' class MetasploitModule 'Bassmaster Batch Arbitrary JavaScript Injection Remote Code Execution', 'Description' = %q This module exploits an un-authenticated code injection vulnerability in the bassmaster nodejs plugin for hapi. The vulnerability is within the batch endpoint and...

Bassmaster Batch Arbitrary JavaScript Injection Remote Code Execution Exploit

This module exploits an un-authenticated code injection vulnerability in the bassmaster nodejs plugin for hapi. The vulnerability is within the batch endpoint and allows an attacker to dynamically execute JavaScript code on the server side using an eval. Note that the code uses a '\x2f' character...

Bassmaster Batch Arbitrary JavaScript Injection Remote Code Execution

This module exploits an un-authenticated code injection vulnerability in the bassmaster nodejs plugin for hapi. The vulnerability is within the batch endpoint and allows an attacker to dynamically execute JavaScript code on the server side using an eval. Note that the code uses a '\x2f' character...

BSB Bank - Apache license, BSD license, Customized SSL vulnerabilities

HackApp vulnerability scanner discovered that application BSB Bank published at the 'play' market has multiple vulnerabilities...

King Phisher 1.5.2 - Phishing Campaign Toolkit

King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. It features an easy to use, yet very flexible architecture allowing full control over both emails and server content. King Phisher can be used to run campaigns ranging from simple awareness...

Snapseed - BSD license, LGPL license, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application Snapseed published at the 'play' market has multiple vulnerabilities...

שופרסל - BSD license, Customized SSL, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application שופרסל published at the 'play' market has multiple vulnerabilities...

OpenSSL Patches High-Severity OCSP Bug, Mitigates SWEET32 Attack

A vulnerability in the OpenSSL implementation of the Online Certificate Status Protocol OCSP was patched this week, closing a denial-of-service weakness in affected servers. The patch was the most severe of 14 released yesterday by OpenSSL. OCSP is an alternative in many cases to Certificate...

HipChat - Chat Built for Teams - BSD license, Customized SSL, LGPL license vulnerabilities

HackApp vulnerability scanner discovered that application HipChat - Chat Built for Teams published at the 'play' market has multiple vulnerabilities...

Hangouts - BSD license, Customized SSL, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Hangouts published at the 'play' market has multiple vulnerabilities...