Tank Strike 3D - Base64 encoded String, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Tank Strike 3D published at the 'play' market has multiple vulnerabilities...

Едадил — акции в магазинах - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Едадил — акции в магазинах published at the 'play' market has multiple vulnerabilities...

ExpressionEngine: Arbitrary SQL query execution and reflected XSS in the "SQL Query Form"

Hello, The mentioned module is vulnerable to SQL injection due to the fact that a query can be done in a GET request, with the query is Base64 encoded and supplied as the value of the parameter "thequery". This allows an attacker to perform arbitrary SQL queries if they trick an authenticated adm...

Learning colors for kids - Base64 encoded String, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Learning colors for kids published at the 'play' market has multiple vulnerabilities...

Acorns - Invest Spare Change - Base64 encoded String, Customized SSL, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Acorns - Invest Spare Change published at the 'play' market has multiple vulnerabilities...

WDliveapp - Base64 encoded String, Dynamic Code Loading, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application WDliveapp published at the 'play' market has multiple vulnerabilities...

Miss Hollywood: Vacation - Base64 encoded String, Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Miss Hollywood: Vacation published at the 'play' market has multiple vulnerabilities...

TYPO3 6.2.19 / 7.6.4 RemoveXSS.php Filter Bypass

Madison Gurkha Security Advisory Advisory: TYPO3 circumvent RemoveXSS.php cross site scripting using BASE64 encoding 1. DETAILS ---------- Product: Typo3 CMS Vendor URL: typo3.org Type: Cross-site ScriptingCWE-79 Date found: 2016-03-09 Date published: 2016-05-19 2. AFFECTED VERSIONS...

Oracle Linux 6 : openssl (ELSA-2016-0996)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0996 advisory. - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding...

openssl security update

1.0.1e-48.1 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when readi...

openssl security update

1.0.1e-51.5 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when readi...

Mageia: Security Advisory (MGASA-2016-0169)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2016-0169 Updated openssl packages fix security vulnerability

An overflow can occur in the EVPEncodeUpdate function which is used for Base64 encoding of binary data. If an attacker is able to supply very large amounts of input data then a length check can overflow resulting in a heap corruption CVE-2016-2105. An overflow can occur in the EVPEncryptUpdate...

FreeBSD-SA-16:17.openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:17.openssl Security Advisory The FreeBSD Project Topic: Multiple OpenSSL vulnerabilities Category: contrib Module: openssl Announced: 2016-05-04 Credits:...

Debian DLA-456-1 : openssl security update

Several vulnerabilities were discovered in OpenSSL, a Secure Socket Layer toolkit. CVE-2016-2105 Guido Vranken discovered that an overflow can occur in the function EVPEncodeUpdate, used for Base64 encoding, if an attacker can supply a large amount of data. This could lead to a heap corruption...

Vulnerability in OpenSSL - EVP_EncodeUpdate overflow

An overflow can occur in the EVPEncodeUpdate function which is used for Base64 encoding of binary data. If an attacker is able to supply very large amounts of input data then a length check can overflow resulting in a heap corruption. Internally to OpenSSL the EVPEncodeUpdate function is primarly...

Armor Blade - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Armor Blade published at the 'play' market has multiple vulnerabilities...

SuperPhoto - Effects + Filters - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application SuperPhoto - Effects + Filters published at the 'play' market has multiple vulnerabilities...

The Reason Why - Base64 encoded String, SD-card access, SQLite database found vulnerabilities

HackApp vulnerability scanner discovered that application The Reason Why published at the 'play' market has multiple vulnerabilities...

スヌーピー ストリート - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application スヌーピー ストリート published at the 'play' market has multiple vulnerabilities...