CVE-2025-68708

SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows - insecure navigation through...

SailingLab AppLock 安全漏洞

SailingLab AppLock is a mobile application privacy protection tool developed by SailingLab. It supports features such as app locking, PIN verification, and fingerprint unlocking. Version 4.3.8 of SailingLab AppLock contains a security vulnerability. This vulnerability stems from the PIN lock bein...

CVE-2025-68708

SailingLab AppLock (com.alpha.applock) v4.3.8 for Android is affected by an overlay-based lock that bypasses PIN verification when an attacker with physical access navigates insecure, exposed routes via ads or browser intents. The root cause is the lock implementation not using Android’s secure a...

CVE-2022-33720

Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut...

EUVD-2020-12620

Malware in sbrugna...

EUVD-2019-14857

Malware in sbrugna...

EUVD-2020-29911

Malware in sbrugna...

EUVD-2023-25652

Malicious code in bioql PyPI...

EUVD-2024-18545

Malicious code in bioql PyPI...

EUVD-2022-29684

Malicious code in bioql PyPI...

EUVD-2022-25227

Malicious code in bioql PyPI...

EUVD-2022-36759

Malicious code in bioql PyPI...

EUVD-2022-52584

Malicious code in bioql PyPI...

CVE-2024-13917 Intent Injection in Kruger&Matz AppLock application

An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data. Exposed ”com.pri.applock.LockUI“ activity allows any other malicious application, with no granted Android system...

CVE-2024-13917

CVE-2024-13917 describes a vulnerability in the pre-installed Krüger&Matz/ Ulefone app “com.pri.applock” where the exposed activity LockUI can be abused by any malicious app (no system permissions) to inject an arbitrary intent with system-level privileges into a protected app. The exploit requir...

CVE-2024-13917 Intent Injection in Kruger&Matz AppLock application

An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data. Exposed ”com.pri.applock.LockUI“ activity allows any other malicious application, with no granted Android system...

CVE-2024-13916 Exposure of Applications' Encryption PINs in Kruger&Matz AppLock

An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data. Exposed ”com.android.providers.settings.fingerprint.PriFpShareProvider“ content provider's public method query allows...

CVE-2024-13916 Exposure of Applications' Encryption PINs in Kruger&Matz AppLock

An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data. Exposed ”com.android.providers.settings.fingerprint.PriFpShareProvider“ content provider's public method query allows...

CVE-2024-13916

CVE-2024-13916 affects pre-installed Krüger&Matz devices with app com.pri.applock. The vulnerability allows exfiltration of the PIN via the public method query() of the content provider com.android.providers.settings.fingerprint.PriFpShareProvider, without requiring Android permissions. The same ...

Krüger&Matz com.pri.applock 安全漏洞

Krüger&Matz com.pri.applock is a mobile application component from Krüger&Matz. A security vulnerability exists in Krüger&Matz com.pri.applock, which stems from a content provider query method that allows PIN disclosure...