HP Insight Control For VMware vCenter Server 7.3 Insecure Permissions Vulnerability
HP Insight Control for VMware vCenter Server version 7.3 allows a low privileged attacker to read sensitive information files, decrypt all configuration server passwords, and gain access to the systems which in turn leads to the compromise of the whole infrastructure. Exploit Title: HP Insight...
HP Insight Control For VMware vCenter Server 7.3 Insecure Permissions
Exploit Title: HP Insight Control for VMware vCenter Server Multiple Vulnerabilities; Date: 11/05/2014; Author: Glafkos Charalambous; Version: 7.3; Vendor: HP; Vendor URL: http://www.hpe.com; HP Case: SSRT101619; Product Description: HP Insight Control for VMware vCenter Server Insight Control for...
Ubuntu: Security Advisory (USN-3497-1)
The remote host is missing an update for the...
USN-3497-1: OpenJDK 7 vulnerabilities
It was discovered that the Smart Card IO subsystem in OpenJDK did not properly maintain state. An attacker could use this to specially construct an untrusted Java application or applet to gain access to a smart card, bypassing sandbox restrictions. CVE-2017-10274 Gaston Traberg discovered that th...
Eurowings - cheap flights - Dangerous filesystem permissions, Insecure KeyStore, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Eurowings - cheap flights published at the 'play' market has multiple vulnerabilities...
OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated...
Multiple Vulnerabilities Affecting Four Rapid7 Products
Today, we'd like to announce eight vulnerabilities that affect four Rapid7 products, as described in the table below. While all of these issues are relatively low severity, we want to make sure that our customers have all the information they need to make informed security decisions regarding the...
CVE-2017-11129
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The keystore is locked with a hard-coded password. Therefore, everyone with access to the keystore can read the content out, for example the private key of the user...
Hardcoded credentials
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The keystore is locked with a hard-coded password. Therefore, everyone with access to the keystore can read the content out, for example the private key of the user...
CVE-2017-11129
Affected software: heinekingmedia StashCat for Android (versions up to 1.7.5). Root cause: keystore protected by a hard-coded password, enabling access to keystore contents by anyone with keystore access (e.g., private keys). Impact: potential unauthorized reading of sensitive data stored in the ke...
Duo Mobile - Customized SSL, External URLs, KeyStore usage vulnerabilities
HackApp vulnerability scanner discovered that application Duo Mobile published at the 'play' market has multiple vulnerabilities...
Eredan Arena - Card Battle TCG - Customized SSL, Dangerous filesystem permissions, Insecure KeyStore vulnerabilities
HackApp vulnerability scanner discovered that application Eredan Arena - Card Battle TCG published at the 'play' market has multiple vulnerabilities...
mccPILOTLOG - Customized SSL, External URLs, KeyStore usage vulnerabilities
HackApp vulnerability scanner discovered that application mccPILOTLOG published at the 'play' market has multiple vulnerabilities...
CVE-2016-10339
In all Android releases from CAF using the Linux kernel, HLOS can overwrite secure memory or read contents of the keystore...
Code injection
In all Android releases from CAF using the Linux kernel, HLOS can overwrite secure memory or read contents of the keystore...
CVE-2016-10339
CVE-2016-10339 affects CAF Android builds using the Linux kernel. The issue allows HLOS to overwrite secure memory or read the keystore contents. Details across sources indicate the vulnerability impacts Android devices in CAF releases and was addressed in the 2017 Android security patches (June...
Personal Banking - Customized SSL, External URLs, KeyStore usage vulnerabilities
HackApp vulnerability scanner discovered that application Personal Banking published at the 'play' market has multiple vulnerabilities...