SUSE CVE-2026-24004

Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fleet's Android MDM Pub/Sub handling could allow unauthenticated requests to trigger device unenrollment events. This may result in unauthorized removal of individual Android devices from Fleet...

CVE-2026-24004

Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fleet’s Android MDM Pub/Sub handling could allow unauthenticated requests to trigger device unenrollment events. This may result in unauthorized removal of individual Android devices from Fleet...

CVE-2026-24004

CVE-2026-24004 affects Fleet open source device management software prior to 4.80.1. The issue is in Android MDM Pub/Sub handling, allowing unauthenticated requests to trigger unenrollment events, potentially removing individual Android devices from Fleet management. Impact is disruption of Andro...

CVE-2025-10971 Insecure Storage of Sensitive Information

Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5...

EUVD-2023-29571

Malicious code in bioql PyPI...

MAL-2025-41279 Malicious code in android-mobile-agent (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 16297b3163e4c4992c5f935c4d595a2de48dfbe42ff4bb55fb7c15d1f7e6dd6b The OpenSSF Package Analysis project identified 'android-mobile-agent' @ 99.0.9 npm as malicious. It is considered malicious because: - The...

Malicious code in android-mobile-agent (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 16297b3163e4c4992c5f935c4d595a2de48dfbe42ff4bb55fb7c15d1f7e6dd6b The OpenSSF Package Analysis project identified 'android-mobile-agent' @ 99.0.9 npm as malicious. It is considered malicious because: - The...

CVE-2023-22367

Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0 improperly verify server certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack...

CVE-2024-11358

Mattermost Android Mobile Apps versions =2.21.0 fail to properly configure file providers which allows an attacker with local access to access files via file provider...

CVE-2024-11358 Insecure Android File Provider Paths

Mattermost Android Mobile Apps versions =2.21.0 fail to properly configure file providers which allows an attacker with local access to access files via file provider...

CVE-2024-11358

Mattermost Android Mobile Apps (versions

Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities

Rapid7, Inc. Rapid7 discovered vulnerabilities in Aladdin Connect retrofit kit garage door opener and Android mobile application produced by Genie. The affected products are: Aladdin Garage door smart retrofit kit, Model ALDCM Android Mobile application ALADDIN Connect, Version 5.65 Build 2075...

CVE-2023-5365 HP LIFE Android Mobile – Potential Escalation of Privilege, Information Disclosure

HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or information disclosure...

CVE-2023-21994

Vulnerability in the Oracle Mobile Security Suite product of Oracle Fusion Middleware component: Android Mobile Authenticator App. Supported versions that are affected are Prior to 11.1.2.3.1. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communicati...

IBM Cognos Analytics 跨站脚本漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation. IBM Cognos Analytics Mobile for Android is vulnerable to cross-site scripting, which originates from IBM Cognos Analytics Mobile before version 1.1.14. Android applications are vulnerable to cross-site scripti...

Security Bulletin: Android Mobile SDK compile builder includes vulnerable components

Summary A third party JSON parser that Android Mobile SDK uses include vulnerable components. The JSON parser is included in the compile builder provided to customers to compile their Mobile SDK manifest. It is not included within customer apps. Vulnerability Details CVEID: CVE-2018-7489...

Security Bulletin: Instability in the Kiosk Android (CVE-2020-4353)

Summary Instability in the Kiosk Android Application leads to a bypass in MDM Restrictions Vulnerability Details CVEID: CVE-2020-4353 DESCRIPTION: IBM MaaS360 could allow a user with physical access to the device to crash the application, which may enable the user to access restricted application...

Authentication flaw

The Android mobile application Halo Home before 1.11.0 stores OAuth authentication and refresh access tokens in a clear text file. This file persists until the user logs out of the application and reboots the device. This vulnerability can allow an attacker to impersonate the legitimate user by...

SA165: NTP Vulnerabilities February 2018

SUMMARY Symantec Network Protection products using affected versions of the NTP reference implementation from ntp.org are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code, modify the target's system time, prevent the target fro...

CVE-2017-17771

In msmisppreparev4l2buf in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-02-12, an array out of bounds can occur...