CVE-2019-19463

The Anhui Huami Mi Fit application before 4.0.11 for Android has an Unencrypted Update Check...

CVE-2019-12763

The Security Camera CZ application through 1.6.8 for Android stores potentially sensitive recorded video in external data storage, which is readable by any application...

CVE-2019-1265

A security feature bypass vulnerability exists when Microsoft Yammer App for Android fails to apply the correct Intune MAM Policy.This could allow an attacker to perform functions that are restricted by Intune Policy.The security update addresses the vulnerability by correcting the way the policy...

CVE-2019-9599

The AirDroid application through 4.2.1.6 for Android allows remote attackers to cause a denial of service service crash via many simultaneous sdctl/comm/liteauth/ requests...

CVE-2019-13100

The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system i.e., in cleartext, which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/sharedprefs/sendanywheredevice.xml...

CVE-2019-12368

The Edison Mail application through 1.7.1 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READEXTERNALSTORAGE permission...

CVE-2019-12367

The BlueMail application through 1.9.5.36 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READEXTERNALSTORAGE permission...

CVE-2019-10044

Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if for example Latin and Cyrillic characters...

CVE-2019-11836

The Rediffmail aka com.rediff.mail.and application 2.2.6 for Android has cleartext mail content in file storage, persisting after a logout...

CVE-2019-17396

In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...

CVE-2013-2307

The Yahoo! Browser application before 1.4.3 for Android allows remote attackers to spoof the address bar via a crafted web site...

CVE-2012-1477

Unspecified vulnerability in the Cnectd mci.cnectd application 3.1.0 for Android has unknown impact and attack vectors...

CVE-2012-1400

Unspecified vulnerability in the U+Box 2.0 Pad lg.uplusbox.pad application 2.0.8.4 for Android has unknown impact and attack vectors...

CVE-2017-8221

Wireless IP Camera P2P WIFICAM devices rely on a cleartext UDP tunnel protocol aka the Cloud feature for communication between an Android application and a camera device, which allows remote attackers to obtain sensitive information by sniffing the network...

CVE-2011-4772

The 360 KouXin com.qihoo360.kouxin application 1.5.3 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and a contact list via a crafted application...

CVE-2012-1407

Unspecified vulnerability in the GO Message Widget com.gau.go.launcherex.gowidget.smswidget application 1.9, 2.1, and 2.3 for Android has unknown impact and attack vectors...

CVE-2011-4705

The Ming Blacklist Free vc.software.blacklist application 1.8.1 and 1.9.2.1 for Android does not properly protect data, which allows remote attackers to read or modify blacklists and a contact list via a crafted application that launches a "data-flow attack."...

CVE-2011-4771

The Scan to PDF Free com.scan.to.pdf.trial application 2.0.4 for Android does not properly protect data, which allows remote attackers to read or modify scanned files and a Google account via a crafted application...

CVE-2012-1475

Unspecified vulnerability in the YagattaTalk Messenger com.iskoot.yagatta.yagattatalk application 1.00.01.08 for Android has unknown impact and attack vectors...

CVE-2012-1404

Unspecified vulnerability in the Dolphin Browser Mini com.dolphin.browser application 2.2 for Android has unknown impact and attack vectors...