20 matches found
EUVD-2023-51507
Malicious code in bioql PyPI...
EUVD-2023-51506
Malicious code in bioql PyPI...
CVE-2023-47392
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request...
CVE-2023-47393
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the maintenance orders of other users and access sensitive user information via unspecified vectors...
CVE-2023-47393
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the maintenance orders of other users and access sensitive user information via unspecified vectors...
CVE-2023-47392
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request...
CVE-2023-47393
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the maintenance orders of other users and access sensitive user information via unspecified vectors...
CVE-2023-47392
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request...
CVE-2023-47392
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request...
Server side request forgery (ssrf)
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request...
Design/Logic Flaw
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the maintenance orders of other users and access sensitive user information via unspecified vectors...
CVE-2023-47392
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request...
CVE-2023-47393
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the maintenance orders of other users and access sensitive user information via unspecified vectors...
PT-2023-30440 · Mercedes · Mercedes Me Ios App
Name of the Vulnerable Software and Affected Versions: Mercedes me IOS APP versions 1.34.0 and below Description: The issue allows attackers to view the carts of other users by sending a crafted add order request, exploiting an access control problem. Recommendations: For Mercedes me IOS APP...
Mercedes-Benz Mercedes me Security Breach
Mercedes-Benz Mercedes me is an automotive software from Mercedes-Benz Germany. A security vulnerability exists in Mercedes-Benz Mercedes me v1.34.0 and prior versions, which stems from an access control issue that allows an attacker to view another user's maintenance orders and access sensitive...
CVE-2023-47393
CVE-2023-47393 describes an access control flaw in the Mercedes me iOS app (versions 1.34.0 and below) that could let an attacker view other users’ maintenance orders and access sensitive user data via unspecified vectors. The NVD entry rates it at CVSS v3.1 base score 5.3 (Medium) with network a...
PT-2023-30441 · Mercedes · Mercedes Me Ios App
Name of the Vulnerable Software and Affected Versions: Mercedes me IOS APP versions 1.34.0 and below Description: The issue allows attackers to view the maintenance orders of other users and access sensitive user information. Recommendations: For Mercedes me IOS APP versions 1.34.0 and below,...
Mercedes-Benz Mercedes me Security Breach
Mercedes-Benz Mercedes me is an automotive software from Mercedes-Benz Germany. A security vulnerability exists in Mercedes-Benz Mercedes me v1.34.0 and prior versions that stems from an access control issue that allows an attacker to view another user's shopping cart by sending a crafted add ord...
CVE-2018-18071
An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted Connected Vehicle API data exchange between the app and a server might be intercepted. The app can be used to operate the Remote Parking Pilot, unlock the vehicle, or obtain sensitive information such as...
Mercedes me - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application Mercedes me published at the 'play' market has multiple vulnerabilities...