Starkey Relax - Exported components, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Starkey Relax published at the 'play' market has multiple vulnerabilities...

Post.kz transfers - External URLs, Native code usage, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Post.kz transfers published at the 'play' market has multiple vulnerabilities...

+TVGO - Certificates or keys found, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application +TVGO published at the 'play' market has multiple vulnerabilities...

Apple Safari - Array concat Memory Corruption Exploit

Exploit for multiple platform in category dos / poc !-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1095 There is an out-of-bounds memcpy in Array.concat that can lead to memory corruption. In builtins/ArrayPrototype.js, the function concatSlowPath calls a native method...

Chrome Universal XSS using an intercepted native function (CVE-2016-1672)

VULNERABILITY DETAILS The fix for the issue 546677 is insufficient to protect against overriding the internal extensions code -- it is still possible to take over the built-in extension system with a combination of getters and setters. This allows web content to gain access to native functions th...

Chrome Universal XSS via the interception of |Binding| with Object.prototype.create (CVE-2016-1674)

VULNERABILITY DETAILS The fix for the issue 590118 is insufficient to protect against the bindings interception. While they can't be accessed by triggering accessors on the |modules| object anymore, it's still possible to trap the set operation for |Binding. create| using the Object. prototype...

Real Followers Booster - Native code usage, SD-card access, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Real Followers Booster published at the 'play' market has multiple vulnerabilities...

Mozaic GO - Customized SSL, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Mozaic GO published at the 'play' market has multiple vulnerabilities...

Google Android Qualcomm SPCom Driver Privilege Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which Qualcomm SPCom Driver is a serial communication driver component. A power lifting vulnerability exists in the Qualcomm SPCom Driver in Android 6.0.1 and earlier versions...

NetCam - Native code usage, SD-card access, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application NetCam published at the 'play' market has multiple vulnerabilities...

Cryptographically Insecure Token Generation

react-native-meteor-oauth generates insecure tokens. These tokens are insecure because they are generated using the randomatic package which is not cryptographically secure. This makes it easier for attackers to brute force tokens...

DEBIAN-CVE-2017-7867

International Components for Unicode ICU for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utextsetNativeIndex function...

Why You Need a Database Audit Trail

Your ability to answer very detailed questions about what’s going on in your organization’s databases can make or break a compliance audit or security investigation. Aside from the obvious need for this information in the event of a breach, it’s also important because government, financial, and...

Orbot: Proxy with Tor - Exported components, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Orbot: Proxy with Tor published at the 'play' market has multiple vulnerabilities...

Stack overflow

Stack-based buffer overflow in native/modmanager/node.c in modcluster 1.2.9...

CVE-2016-4459

Stack-based buffer overflow in native/modmanager/node.c in modcluster 1.2.9...

VR Space: The Last Mission - External URLs, Native code usage, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application VR Space: The Last Mission published at the 'play' market has multiple vulnerabilities...

Ooredoo TV - Customized SSL, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Ooredoo TV published at the 'play' market has multiple vulnerabilities...

eDAT ACCESS App - External URLs, Native code usage, Runtime command execution vulnerabilities

HackApp vulnerability scanner discovered that application eDAT ACCESS App published at the 'play' market has multiple vulnerabilities...

VNC Viewer - Remote Desktop - Dangerous filesystem permissions, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application VNC Viewer - Remote Desktop published at the 'play' market has multiple vulnerabilities...