Lucene search
K

4 matches found

OSV
OSV
added 2025/02/13 10:15 p.m.4 views

CVE-2025-20615

The Qardio Arm iOS application exposes sensitive data such as usernames and passwords in a plist file. This allows an attacker to log in to production-level development accounts and access an engineering backdoor in the application. The engineering backdoor allows the attacker to send hex-based...

6.6CVSS5.8AI score0.00223EPSS
Exploits0References2
OSV
OSV
added 2017/06/16 12:29 p.m.4 views

CVE-2017-9588

The "Oritani Mobile Banking" by Oritani Bank app 3.0.0 -- aka oritani-mobile-banking/id778851066 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9CVSS5.8AI score0.00486EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/19 12:0 a.m.1 views

Warner Bros. ellentube app for iOS authentication vulnerability

Warner Bros. ellentube app for iOS is an iOS-based video playback app from Warner Bros. An authentication vulnerability exists in versions 3.1.1 through 3.1.3 of the Warner Bros. ellentube app for iOS, which stems from the program's failure to validate an X.509 certificate on the server side of a...

5.9CVSS6.8AI score0.00598EPSS
Exploits0References1
OSV
OSV
added 2017/05/15 6:29 p.m.1 views

CVE-2017-8939

The Warner Bros. ellentube app 3.1.1 through 3.1.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9CVSS5.8AI score0.00598EPSS
Exploits0References1
Rows per page
Query Builder