Lucene search
K

96 matches found

OSV
OSV
added 2021/08/24 7:15 p.m.4 views

CVE-2021-30944

Description: A logic issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1, tvOS 15.2. A malicious app may be able to access data from other apps by enabling additional logging...

5.5CVSS6.1AI score0.00794EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/08/24 12:0 a.m.4 views

PT-2021-18990 · Apple · Ipados +4

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15.2 iPadOS versions prior to 15.2 watchOS versions prior to 8.3 macOS Monterey versions prior to 12.1 tvOS versions prior to 15.2 Description: A logic issue was addressed with improved state management, which could allo...

5.5CVSS4.8AI score0.00794EPSS
Exploits0References8
OSV
OSV
added 2021/02/26 3:15 a.m.4 views

CVE-2021-23977

Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox 8...

5.3CVSS6.9AI score0.00874EPSS
Exploits0References3
Snyk
Snyk
added 2020/12/16 4:55 p.m.5 views

Directory Traversal

Overview com.google.android.play:core is a Google Play Core Library. Affected versions of this package are vulnerable to Directory Traversal. This flaw is in the SplitCompat.install endpoint. A malicious attacker can create an apk which targets a specific application, and if a victim were to...

8.8CVSS7.7AI score0.02883EPSS
Exploits1References2
OSV
OSV
added 2020/08/12 7:15 a.m.7 views

CVE-2020-8913

A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a...

8.8CVSS8AI score0.02883EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2020/08/12 12:0 a.m.7 views

PT-2020-20366 · Google · Google Play Core Library

Name of the Vulnerable Software and Affected Versions: Google Play Core Library versions prior to 1.7.2 Description: A local, arbitrary code execution issue exists in the SplitCompat.install endpoint in Android's Play Core Library. This allows a malicious attacker to create an apk that targets a...

8.8CVSS8.9AI score0.02883EPSS
Exploits1References8
The Hacker News
The Hacker News
added 2020/06/23 3:6 p.m.3 views

New Privacy Features Added to the Upcoming Apple iOS 14 and macOS Big Sur

Unprecedented times call for unprecedented measures. No, we're not talking about 'coronavirus,' the current global pandemic because of which Apple—for the very first time in history—organized its Worldwide Developer Conference WWDC virtually. Here we're talking about a world in which we are all...

5.9AI score
Exploits0
Microsoft KB
Microsoft KB
added 2020/04/09 12:0 a.m.7 views

Unexpected ASP.Net application shutdown after many App_Data file changes occur on a server that is running Windows Server 2012 R2

Unexpected ASP.Net application shutdown after many AppData file changes occur on a server that is running Windows Server 2012 R2 Symptoms Consider the following scenario: You have a server that is running Windows Server 2012 R2. You set up a website on Internet Information Services IIS. You creat...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2020/04/06 12:22 p.m.156 views

Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal. The app has skyrocketed to 200...

7.9AI score
Exploits0
CNVD
CNVD
added 2020/03/20 12:0 a.m.3 views

Huawei Mate 20 and Mate 30 Pro License Issue Vulnerability (CNVD-2020-22000)

The Huawei Mate 20 and Mate 30 Pro are both smartphones from the Chinese company Huawei Huawei. An authorization issue vulnerability exists in Huawei Mate 20 before 10.0.0.188 C00E74R3P8 and Mate 30 Pro before 10.0.0.203 C00E202R7P2, which stems from the app locking feature failing to perform...

4.6CVSS7AI score0.00245EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2019/07/15 5:44 p.m.1 views

iOS URL Scheme Could Let App-in-the-Middle Attackers Hijack Your Accounts

Security researchers have illustrated a new app-in-the-middle attack that could allow a malicious app installed on your iOS device to steal sensitive information from other apps by exploiting certain implementations of Custom URL Scheme. By default on Apple's iOS operating system, every app runs...

6.5AI score
Exploits0
OSV
OSV
added 2019/02/25 7:29 a.m.3 views

CVE-2019-9116

DLL hijacking is possible in Sublime Text 3 version 3.1.1 build 3176 on 32-bit Windows platforms because a Trojan horse api-ms-win-core-fibers-l1-1-1.dll or api-ms-win-core-localization-l1-2-1.dll file may be loaded if a victim uses sublimetext.exe to open a .txt file within an attacker's...

7.8CVSS7AI score0.01083EPSS
Exploits1References1
ThreatPost
ThreatPost
added 2019/01/30 4:53 p.m.48 views

Apple Blasts Facebook Over Data-Sucking 'Research' App

Apple has revoked Facebook’s enterprise iOS developer certificate on the heels of a “Facebook Research” VPN app that was being distributed to consumers; the app paid teens and Millennial users in exchange for being able to track their phone and web activity, and has been available since 2016. App...

6.5AI score
Exploits0References7
CNVD
CNVD
added 2017/11/22 12:0 a.m.2 views

Multiple Shenzhen Tenda Products app_data_center Command Injection Vulnerabilities

Shenzhen Tenda Ac9 and so on are wireless router products of China Tenda Tenda Company. appdatacenter is one of the application data centers. A command injection vulnerability exists in appdatacenter in multiple Shenzhen Tenda products, which stems from the 'subA6E8 usbejectprocessentry' function...

8.8CVSS8.4AI score0.0255EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/20 12:0 a.m.3 views

Multiple Shenzhen Tenda Products app_data_center Path Traversal Vulnerability

Shenzhen Tenda Ac9 and so on are wireless router products of China Tenda Tenda Company. appdatacenter is one of the application data centers. A directory traversal vulnerability exists in appdatacenter in several Shenzhen Tenda products. A remote attacker can exploit this vulnerability to read...

6.5CVSS7.2AI score0.01034EPSS
Exploits0References1
OSV
OSV
added 2017/02/08 3:59 p.m.2 views

UBUNTU-CVE-2017-0420

An information disclosure vulnerability in AOSP Mail could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does not...

5.5CVSS6.8AI score0.00653EPSS
Exploits0References3
Rows per page
Query Builder