Mastercard Cybersecurity

Safeguarding Trade: Discovering the World of Mastercard Digital Guardrails In our tech-driven era, it is vitro important that financial dealings are shielded competently. A colossal number of exchanges are happening each day, proving the ever growing necessity of sturdy digital protective measure...

Authentication flaw

DISPUTED An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint...

CVE-2018-15543

An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint API in...

PT-2018-13079 · Telegram · Org.Telegram.Messenger

Name of the Vulnerable Software and Affected Versions: org.telegram.messenger application version 4.8.11 Description: An issue in the FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded...

CVE-2018-13434

An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The LAContext class for Biometric TouchID validation allows authentication bypass by overriding the LAContext return Boolean value to be "true" because the kSecAccessControlUserPresence protection mechanism is not used. ...

CVE-2018-13434

CVE-2018-13434 affects the LINE iOS app (version 8.8.0). The vulnerability stems from the LAContext biometric validation path, where bypass is possible because the kSecAccessControlUserPresence protection is not used, allowing authentication with an arbitrary fingerprint. The issue enables a loca...

Authentication flaw

DISPUTED An issue was discovered in the com.dropbox.android application 98.2.2 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint AP...

CVE-2018-12445

An issue was discovered in the com.dropbox.android application 98.2.2 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint API in...

CVE-2018-12445

An issue was discovered in the com.dropbox.android application 98.2.2 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint API in...

CVE-2018-12445

An issue was discovered in the com.dropbox.android application 98.2.2 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint API in...

CVE-2018-12445

The CVE-2018-12445 issue affects com.dropbox.android (version 98.2.2) where the FingerprintManager-based Biometric validation can bypass authentication by moving from onAuthenticationFailed to onAuthenticationSucceeded with a null result, due to improper integration between the fingerprint API an...

PT-2018-11178 · Dropbox · Com.Dropbox.Android

Name of the Vulnerable Software and Affected Versions: com.dropbox.android version 98.2.2 Description: An issue in the com.dropbox.android application allows authentication bypass through the FingerprintManager class for Biometric validation. This is possible because the fingerprint API, in...

CVE-2018-12271

An issue was discovered in the com.getdropbox.Dropbox app 100.2 for iOS. The LAContext class for Biometric TouchID validation allows authentication bypass by overriding the LAContext return Boolean value to be "true" because the kSecAccessControlUserPresence protection mechanism is not used. In...