94 matches found
CVE-2021-32694 Malicious Android application can crash the Nextcloud Android Client
Nextcloud Android app is the Android client for Nextcloud. In versions prior to 3.15.1, a malicious application on the same device is possible to crash the Nextcloud Android Client due to an uncaught exception. The vulnerability is patched in version 3.15.1...
CVE-2021-32658
Nextcloud Android is the Android client for the Nextcloud open source home cloud system. Due to a timeout issue the Android client may not properly clean all sensitive data on account removal. This could include sensitive key material such as the End-to-End encryption keys. It is recommended that...
Code injection
Nextcloud Android is the Android client for the Nextcloud open source home cloud system. Due to a timeout issue the Android client may not properly clean all sensitive data on account removal. This could include sensitive key material such as the End-to-End encryption keys. It is recommended that...
Sensitive data may not be removed from storage on account removal
None...
Windows Remote Desktop Protocol Security Vulnerability
Microsoft Windows Remote Desktop Protocol RDP is an application for connecting to remote Windows desktops from Microsoft USA. A security vulnerability exists in Windows Remote Desktop Protocol. The following products and versions are affected:Microsoft Remote Desktop,Remote Desktop client for...
SQL Injection Vulnerability in OneKey Education Cloud Disk Service Platform of Orient Boguan (Beijing) Technology Co.
The OneKey Education Cloud Disk Service Platform supports multiple platforms such as Web, PC, and Android cell phone clients for cross-platform and cross-terminal file sharing and anytime, anywhere access. There is a SQL injection vulnerability in the OneKey Education Cloud Disk Service Platform ...
Harmony Chat Android Client Has Information Leakage Vulnerability
Wochat Android client is a business socialization mobile platform. There is an information leakage vulnerability in Wochat Android client. An attacker can exploit to obtain sensitive information...
Code injection
The seadroid aka Seafile Android Client application through 2.2.13 for Android always uses the same Initialization Vector IV with Cipher Block Chaining CBC Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks...
CVE-2019-8919
The seadroid aka Seafile Android Client application through 2.2.13 for Android always uses the same Initialization Vector IV with Cipher Block Chaining CBC Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks...
CVE-2019-8919
The seadroid aka Seafile Android Client application through 2.2.13 for Android always uses the same Initialization Vector IV with Cipher Block Chaining CBC Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks...
CVE-2019-8919
The CVE-2019-8919 entry applies to the Seafile Android Client (seadroid) up to version 2.2.13, which uses the same Initialization Vector (IV) for CBC encryption of private data. This IV reuse enables chosen-plaintext and dictionary-style attacks against encrypted data, as described in the NVD ent...
WSD-T13 Cloud Storage Camera (Android Client) Exists with Override Access Vulnerability
Ltd. is an enterprise specializing in the research and development, production, sales and service of security monitoring products. WSD-T13 Cloud Storage Camera Android client suffers from an overstepping access vulnerability. The vulnerability is due to the server on the client request data...
WSD-T13 Cloud Storage Camera (Android client) suffers from an override access vulnerability (CNVD-2019-06647)
Ltd. is an enterprise specializing in the research and development, production, sales and service of security monitoring products. WSD-T13 Cloud Storage Camera Android client suffers from an overstepping access vulnerability. The vulnerability is due to the server on the client request data...
Nextcloud: Bypassing lock protection
Nextcloud allows multi account within the android client app and relies on a single lock Based on the exposed intent nc://login, it is possible to add a new account under attacker domain and open the Nextcloud without the lock check. Proof of concept 1. open the NC app with the lock displayed 2...
WiGLE - Wifi Wardriving (Nethugging Client For Android)
Open source network observation, positioning, and display client from the world's largest queryable database of wireless networks. Can be used for site-survey, security analysis, and competition with your friends. Collect networks for personal research or upload to https://wigle.net. WiGLE has be...
SAP Mobile Secure Android Client Information Disclosure Vulnerability
SAP Mobile Secure Android Client is an Android-based mobile device management and security application from SAP. An information disclosure vulnerability exists in versions prior to SAP Mobile Secure Android client 6.60.19942.0 SP28 1711, which can be exploited by an attacker to access restricted...
CVE-2018-2500
Under certain conditions SAP Mobile Secure Android client before version 6.60.19942.0 SP28 1711 allows an attacker to access information which would otherwise be restricted...
CVE-2018-2482
SAP Mobile Secure Android Application, Mobile-secure.apk Android client, before version 6.60.19942.0, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. Install the Mobile Secure Android client released in Mid-Oct 2018...
Code injection
SAP Mobile Secure Android Application, Mobile-secure.apk Android client, before version 6.60.19942.0, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. Install the Mobile Secure Android client released in Mid-Oct 2018...
CVE-2018-2482
SAP Mobile Secure Android Application, Mobile-secure.apk Android client, before version 6.60.19942.0, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. Install the Mobile Secure Android client released in Mid-Oct 2018...